Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu - totálně pomalý počítač

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
ostepanek
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 28 úno 2016 19:31

Prosím o kontrolu logu - totálně pomalý počítač

#1 Příspěvek od ostepanek »

Zdravím, příšerně se mi zpomalil notebook, někde asi chyba. Prosím o kontrolu logu, který přikládám níže. Děkuji za odpovědi.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:36, on 28.2.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Windows\OEM13Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Gabca\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={E1EDAB5C ... 2014-12-11 12:58:55&v=4.2.5.441&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: O2FLASH (o2flash) - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: vToolbarUpdater40.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 7721 bytes
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu - totálně pomalý počítač

#2 Příspěvek od Rudy »

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . HijackThis je už za zenitem. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ostepanek
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 28 úno 2016 19:31

Re: Prosím o kontrolu logu - totálně pomalý počítač

#3 Příspěvek od ostepanek »

Rudy píše:Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . HijackThis je už za zenitem. Děkuji.

Přikládám níže:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-02-2016
Ran by Gabca (administrator) on GABCA-PC (28-02-2016 20:11:48)
Running from C:\Users\Gabca\Downloads
Loaded Profiles: Gabca (Available Profiles: Gabca)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Creative Technology Ltd.) C:\Windows\OEM13Mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OEM13Mon.exe] => C:\Windows\OEM13Mon.exe [36864 2008-01-07] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2009-01-20] (Dell Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-02-04] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-01-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [HTC Sync Loader] => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [655360 2012-12-12] ()
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2874440 2016-02-23] ()
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: {fb340dc6-0408-11e3-8fc6-002170a5fcc5} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
Tcpip\..\Interfaces\{EE6E886F-BA96-423C-85E0-9F628A23B32B}: [DhcpNameServer] 10.0.0.138 10.0.0.138
Tcpip\..\Interfaces\{FF3BBD7E-2F67-4515-A199-FA23372CBC47}: [DhcpNameServer] 10.0.0.138 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E1EDAB5C-0F7F-42D6-8DF4-BFDFE641F7DF}&mid=dda663e097c847d3abd9d16836411536-5ac7a0a3cab68c333cbf7da2fb234ccfdacd68e8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-11 12:58:55&v=4.2.5.441&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E1EDAB5C-0F7F-42D6-8DF4-BFDFE641F7DF}&mid=dda663e097c847d3abd9d16836411536-5ac7a0a3cab68c333cbf7da2fb234ccfdacd68e8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-11 12:58:55&v=4.2.5.441&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-23] (AVG)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll [2014-12-11] (AVG Secure Search)

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-09] [not signed]

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-09]
CHR Extension: (YouTube) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (AVG Secure Search) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-02-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-09]
CHR Extension: (Skype) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2008-02-04] (Andrea Electronics Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881696 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 o2flash; C:\Windows\system32\DRIVERS\o2flash.exe [71512 2008-07-29] (O2Micro International)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 vToolbarUpdater40.2.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-02-23] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2009-01-20] (Dell Inc.) [File not signed]
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-02] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2009-01-20] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2015-11-18] (Symantec Corporation)
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2007-03-05] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2008-05-28] (Creative Technology Ltd.)
S3 qcserxp; C:\Windows\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated) [File not signed]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 20:11 - 2016-02-28 20:12 - 00016879 _____ C:\Users\Gabca\Downloads\FRST.txt
2016-02-28 20:11 - 2016-02-28 20:11 - 01722368 _____ (Farbar) C:\Users\Gabca\Downloads\FRST.exe
2016-02-28 20:11 - 2016-02-28 20:11 - 00000000 ____D C:\FRST
2016-02-28 20:10 - 2016-02-28 20:10 - 00112640 _____ (forum.viry.cz) C:\Users\Gabca\Downloads\Nepotvrzeno 152789.crdownload
2016-02-28 19:28 - 2016-02-28 19:28 - 00000000 ____D C:\Users\Gabca\Downloads\backups
2016-02-28 19:19 - 2016-02-28 19:19 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis (2).exe
2016-02-28 19:15 - 2016-02-28 19:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis (1).exe
2016-02-28 19:12 - 2016-02-28 19:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis.exe
2016-02-28 18:53 - 2016-02-28 18:55 - 00000000 ____D C:\Windows\system32\ca-ES
2016-02-28 18:53 - 2016-02-28 18:54 - 00000000 ____D C:\Windows\system32\vi-VN
2016-02-28 18:53 - 2016-02-28 18:54 - 00000000 ____D C:\Windows\system32\eu-ES
2016-02-28 18:25 - 2016-02-28 18:25 - 00000000 ____D C:\Windows\system32\EventProviders
2016-02-09 00:50 - 2016-02-09 00:50 - 00033792 _____ C:\Users\Gabca\Downloads\divadla (1).xls
2016-02-02 11:04 - 2016-02-02 11:04 - 00000000 ____D C:\Users\Gabca\AppData\Roaming\AVG
2016-02-02 11:04 - 2016-02-02 11:04 - 00000000 ____D C:\Users\Gabca\AppData\Local\Avg
2016-02-02 10:57 - 2016-02-02 10:57 - 00000735 _____ C:\Users\Public\Desktop\AVG.lnk
2016-02-02 10:57 - 2016-02-02 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-02-02 10:56 - 2016-02-02 11:00 - 00000000 ____D C:\ProgramData\Avg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 20:09 - 2013-04-10 09:44 - 00000000 ____D C:\Users\Gabca\AppData\Roaming\Skype
2016-02-28 20:09 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-28 20:09 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-28 19:55 - 2013-04-10 09:34 - 00000000 ____D C:\ProgramData\MFAData
2016-02-28 19:20 - 2013-04-10 20:36 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-28 19:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-02-28 19:05 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-02-28 19:05 - 2006-11-02 11:33 - 00703388 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-28 19:04 - 2013-05-05 22:13 - 00000000 ____D C:\Users\Gabca\AppData\Local\Htc
2016-02-28 19:02 - 2015-07-31 10:25 - 00000000 ____D C:\Users\Gabca\AppData\Local\HTC MediaHub
2016-02-28 19:02 - 2013-04-10 20:36 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-28 19:01 - 2013-04-10 20:36 - 00001989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-28 19:01 - 2013-04-10 20:36 - 00001977 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-28 19:01 - 2013-04-09 19:21 - 00000955 _____ C:\Users\Gabca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-28 19:01 - 2013-04-09 19:21 - 00000921 _____ C:\Users\Gabca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-02-28 19:00 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-28 18:59 - 2006-11-02 13:47 - 00375360 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-28 18:57 - 2006-11-02 14:01 - 00020620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Calendar
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Movie Maker
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lv-LV
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\et-EE
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\servicing
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\IME
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\setup
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\oobe
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\manifeststore
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lt-LT
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-02-28 18:51 - 2013-04-09 23:09 - 00000000 ____D C:\Windows\system32\RTCOM
2016-02-28 18:15 - 2014-12-11 12:58 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-02-27 14:33 - 2015-04-01 16:33 - 00000440 ____H C:\Windows\Tasks\Norton Security Scan for Gabca.job
2016-02-23 13:18 - 2015-05-08 10:24 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-02-13 03:08 - 2013-07-19 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-02-13 03:02 - 2006-11-02 11:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-02 11:04 - 2015-11-04 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-02 11:04 - 2013-04-10 09:37 - 00000000 ___HD C:\$AVG
2016-02-02 11:04 - 2013-04-10 09:36 - 00000000 ____D C:\Program Files\AVG
2016-02-02 10:58 - 2014-12-11 12:59 - 00000000 ____D C:\Users\Gabca\AppData\Local\AVG Web TuneUp

==================== Files in the root of some directories =======

2013-04-09 19:21 - 2013-04-09 19:37 - 0000680 _____ () C:\Users\Gabca\AppData\Local\d3d9caps.dat
2013-04-16 09:07 - 2015-10-19 16:59 - 0029184 _____ () C:\Users\Gabca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Gabca\AppData\Local\Temp\hnmwhdkm.dll
C:\Users\Gabca\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-28 19:04

==================== End of FRST.txt ============================
Nahoru
ostepanek
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 28 úno 2016 19:31

Re: Prosím o kontrolu logu - totálně pomalý počítač

#4 Příspěvek od ostepanek »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-02-2016
Ran by Gabca (administrator) on GABCA-PC (28-02-2016 20:11:48)
Running from C:\Users\Gabca\Downloads
Loaded Profiles: Gabca (Available Profiles: Gabca)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Creative Technology Ltd.) C:\Windows\OEM13Mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OEM13Mon.exe] => C:\Windows\OEM13Mon.exe [36864 2008-01-07] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2009-01-20] (Dell Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-02-04] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-01-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [HTC Sync Loader] => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [655360 2012-12-12] ()
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2874440 2016-02-23] ()
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: {fb340dc6-0408-11e3-8fc6-002170a5fcc5} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
Tcpip\..\Interfaces\{EE6E886F-BA96-423C-85E0-9F628A23B32B}: [DhcpNameServer] 10.0.0.138 10.0.0.138
Tcpip\..\Interfaces\{FF3BBD7E-2F67-4515-A199-FA23372CBC47}: [DhcpNameServer] 10.0.0.138 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E1EDAB5C-0F7F-42D6-8DF4-BFDFE641F7DF}&mid=dda663e097c847d3abd9d16836411536-5ac7a0a3cab68c333cbf7da2fb234ccfdacd68e8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-11 12:58:55&v=4.2.5.441&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E1EDAB5C-0F7F-42D6-8DF4-BFDFE641F7DF}&mid=dda663e097c847d3abd9d16836411536-5ac7a0a3cab68c333cbf7da2fb234ccfdacd68e8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-11 12:58:55&v=4.2.5.441&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-23] (AVG)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll [2014-12-11] (AVG Secure Search)

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-09] [not signed]

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-09]
CHR Extension: (YouTube) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (AVG Secure Search) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-02-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-09]
CHR Extension: (Skype) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2008-02-04] (Andrea Electronics Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881696 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 o2flash; C:\Windows\system32\DRIVERS\o2flash.exe [71512 2008-07-29] (O2Micro International)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 vToolbarUpdater40.2.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-02-23] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2009-01-20] (Dell Inc.) [File not signed]
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-02] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2009-01-20] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2015-11-18] (Symantec Corporation)
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2007-03-05] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2008-05-28] (Creative Technology Ltd.)
S3 qcserxp; C:\Windows\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated) [File not signed]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 20:11 - 2016-02-28 20:12 - 00016879 _____ C:\Users\Gabca\Downloads\FRST.txt
2016-02-28 20:11 - 2016-02-28 20:11 - 01722368 _____ (Farbar) C:\Users\Gabca\Downloads\FRST.exe
2016-02-28 20:11 - 2016-02-28 20:11 - 00000000 ____D C:\FRST
2016-02-28 20:10 - 2016-02-28 20:10 - 00112640 _____ (forum.viry.cz) C:\Users\Gabca\Downloads\Nepotvrzeno 152789.crdownload
2016-02-28 19:28 - 2016-02-28 19:28 - 00000000 ____D C:\Users\Gabca\Downloads\backups
2016-02-28 19:19 - 2016-02-28 19:19 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis (2).exe
2016-02-28 19:15 - 2016-02-28 19:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis (1).exe
2016-02-28 19:12 - 2016-02-28 19:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis.exe
2016-02-28 18:53 - 2016-02-28 18:55 - 00000000 ____D C:\Windows\system32\ca-ES
2016-02-28 18:53 - 2016-02-28 18:54 - 00000000 ____D C:\Windows\system32\vi-VN
2016-02-28 18:53 - 2016-02-28 18:54 - 00000000 ____D C:\Windows\system32\eu-ES
2016-02-28 18:25 - 2016-02-28 18:25 - 00000000 ____D C:\Windows\system32\EventProviders
2016-02-09 00:50 - 2016-02-09 00:50 - 00033792 _____ C:\Users\Gabca\Downloads\divadla (1).xls
2016-02-02 11:04 - 2016-02-02 11:04 - 00000000 ____D C:\Users\Gabca\AppData\Roaming\AVG
2016-02-02 11:04 - 2016-02-02 11:04 - 00000000 ____D C:\Users\Gabca\AppData\Local\Avg
2016-02-02 10:57 - 2016-02-02 10:57 - 00000735 _____ C:\Users\Public\Desktop\AVG.lnk
2016-02-02 10:57 - 2016-02-02 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-02-02 10:56 - 2016-02-02 11:00 - 00000000 ____D C:\ProgramData\Avg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 20:09 - 2013-04-10 09:44 - 00000000 ____D C:\Users\Gabca\AppData\Roaming\Skype
2016-02-28 20:09 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-28 20:09 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-28 19:55 - 2013-04-10 09:34 - 00000000 ____D C:\ProgramData\MFAData
2016-02-28 19:20 - 2013-04-10 20:36 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-28 19:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-02-28 19:05 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-02-28 19:05 - 2006-11-02 11:33 - 00703388 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-28 19:04 - 2013-05-05 22:13 - 00000000 ____D C:\Users\Gabca\AppData\Local\Htc
2016-02-28 19:02 - 2015-07-31 10:25 - 00000000 ____D C:\Users\Gabca\AppData\Local\HTC MediaHub
2016-02-28 19:02 - 2013-04-10 20:36 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-28 19:01 - 2013-04-10 20:36 - 00001989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-28 19:01 - 2013-04-10 20:36 - 00001977 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-28 19:01 - 2013-04-09 19:21 - 00000955 _____ C:\Users\Gabca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-28 19:01 - 2013-04-09 19:21 - 00000921 _____ C:\Users\Gabca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-02-28 19:00 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-28 18:59 - 2006-11-02 13:47 - 00375360 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-28 18:57 - 2006-11-02 14:01 - 00020620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Calendar
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Movie Maker
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lv-LV
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\et-EE
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\servicing
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\IME
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\setup
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\oobe
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\manifeststore
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lt-LT
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-02-28 18:51 - 2013-04-09 23:09 - 00000000 ____D C:\Windows\system32\RTCOM
2016-02-28 18:15 - 2014-12-11 12:58 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-02-27 14:33 - 2015-04-01 16:33 - 00000440 ____H C:\Windows\Tasks\Norton Security Scan for Gabca.job
2016-02-23 13:18 - 2015-05-08 10:24 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-02-13 03:08 - 2013-07-19 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-02-13 03:02 - 2006-11-02 11:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-02 11:04 - 2015-11-04 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-02 11:04 - 2013-04-10 09:37 - 00000000 ___HD C:\$AVG
2016-02-02 11:04 - 2013-04-10 09:36 - 00000000 ____D C:\Program Files\AVG
2016-02-02 10:58 - 2014-12-11 12:59 - 00000000 ____D C:\Users\Gabca\AppData\Local\AVG Web TuneUp

==================== Files in the root of some directories =======

2013-04-09 19:21 - 2013-04-09 19:37 - 0000680 _____ () C:\Users\Gabca\AppData\Local\d3d9caps.dat
2013-04-16 09:07 - 2015-10-19 16:59 - 0029184 _____ () C:\Users\Gabca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Gabca\AppData\Local\Temp\hnmwhdkm.dll
C:\Users\Gabca\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-28 19:04

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu - totálně pomalý počítač

#5 Příspěvek od Rudy »

Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ostepanek
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 28 úno 2016 19:31

Re: Prosím o kontrolu logu - totálně pomalý počítač

#6 Příspěvek od ostepanek »

# AdwCleaner v5.037 - Logfile created 28/02/2016 at 21:27:31
# Updated 28/02/2016 by Xplode
# Database : 2016-02-28.2 [Server]
# Operating system : Windows Vista (TM) Business Service Pack 2 (x86)
# Username : Gabca - GABCA-PC
# Running from : C:\Users\Gabca\Downloads\adwcleaner_5.037 (1).exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn

***** [ Files ] *****

[-] File Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] File Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
[-] File Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[-] [C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4489 bytes] - [28/02/2016 21:27:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [4364 bytes] - [28/02/2016 21:25:13]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4635 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu - totálně pomalý počítač

#7 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ostepanek
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 28 úno 2016 19:31

Re: Prosím o kontrolu logu - totálně pomalý počítač

#8 Příspěvek od ostepanek »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-02-2016
Ran by Gabca (administrator) on GABCA-PC (28-02-2016 22:01:59)
Running from C:\Users\Gabca\Downloads
Loaded Profiles: Gabca (Available Profiles: Gabca)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Creative Technology Ltd.) C:\Windows\OEM13Mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OEM13Mon.exe] => C:\Windows\OEM13Mon.exe [36864 2008-01-07] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2009-01-20] (Dell Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-02-04] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-01-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [HTC Sync Loader] => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [655360 2012-12-12] ()
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: {fb340dc6-0408-11e3-8fc6-002170a5fcc5} - F:\Autorun.exe
BootExecute: autocheck autochk /r \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
Tcpip\..\Interfaces\{EE6E886F-BA96-423C-85E0-9F628A23B32B}: [DhcpNameServer] 10.0.0.138 10.0.0.138
Tcpip\..\Interfaces\{FF3BBD7E-2F67-4515-A199-FA23372CBC47}: [DhcpNameServer] 10.0.0.138 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2545414933-95109104-453651295-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-09] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-09]
CHR Extension: (YouTube) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-09]
CHR Extension: (Skype) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Gabca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2008-02-04] (Andrea Electronics Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881696 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 o2flash; C:\Windows\system32\DRIVERS\o2flash.exe [71512 2008-07-29] (O2Micro International)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2009-01-20] (Dell Inc.) [File not signed]
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-02] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2009-01-20] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2015-11-18] (Symantec Corporation)
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2007-03-05] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2008-05-28] (Creative Technology Ltd.)
S3 qcserxp; C:\Windows\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated) [File not signed]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 21:53 - 2016-02-28 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-28 21:53 - 2016-02-28 21:53 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-02-28 21:25 - 2016-02-28 21:27 - 00000000 ____D C:\AdwCleaner
2016-02-28 21:24 - 2016-02-28 21:24 - 01518592 _____ C:\Users\Gabca\Downloads\adwcleaner_5.037 (1).exe
2016-02-28 21:18 - 2016-02-28 21:18 - 01518592 _____ C:\Users\Gabca\Downloads\adwcleaner_5.037.exe
2016-02-28 20:12 - 2016-02-28 20:14 - 00023455 _____ C:\Users\Gabca\Downloads\Addition.txt
2016-02-28 20:11 - 2016-02-28 22:02 - 00014638 _____ C:\Users\Gabca\Downloads\FRST.txt
2016-02-28 20:11 - 2016-02-28 22:01 - 00000000 ____D C:\FRST
2016-02-28 20:11 - 2016-02-28 20:11 - 01722368 _____ (Farbar) C:\Users\Gabca\Downloads\FRST.exe
2016-02-28 20:10 - 2016-02-28 20:10 - 00112640 _____ (forum.viry.cz) C:\Users\Gabca\Downloads\Nepotvrzeno 152789.crdownload
2016-02-28 19:28 - 2016-02-28 19:28 - 00000000 ____D C:\Users\Gabca\Downloads\backups
2016-02-28 19:19 - 2016-02-28 19:19 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis (2).exe
2016-02-28 19:15 - 2016-02-28 19:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis (1).exe
2016-02-28 19:12 - 2016-02-28 19:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gabca\Downloads\hijackthis.exe
2016-02-28 18:53 - 2016-02-28 18:55 - 00000000 ____D C:\Windows\system32\ca-ES
2016-02-28 18:53 - 2016-02-28 18:54 - 00000000 ____D C:\Windows\system32\vi-VN
2016-02-28 18:53 - 2016-02-28 18:54 - 00000000 ____D C:\Windows\system32\eu-ES
2016-02-28 18:25 - 2016-02-28 18:25 - 00000000 ____D C:\Windows\system32\EventProviders
2016-02-09 00:50 - 2016-02-09 00:50 - 00033792 _____ C:\Users\Gabca\Downloads\divadla (1).xls
2016-02-02 11:04 - 2016-02-02 11:04 - 00000000 ____D C:\Users\Gabca\AppData\Roaming\AVG
2016-02-02 11:04 - 2016-02-02 11:04 - 00000000 ____D C:\Users\Gabca\AppData\Local\Avg
2016-02-02 10:57 - 2016-02-02 10:57 - 00000735 _____ C:\Users\Public\Desktop\AVG.lnk
2016-02-02 10:57 - 2016-02-02 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-02-02 10:56 - 2016-02-02 11:00 - 00000000 ____D C:\ProgramData\Avg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 21:56 - 2013-04-10 20:40 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-02-28 21:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-02-28 21:55 - 2006-11-02 11:33 - 00703388 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-28 21:54 - 2013-04-10 09:44 - 00000000 ____D C:\Users\Gabca\AppData\Roaming\Skype
2016-02-28 21:53 - 2014-06-13 19:15 - 00001896 _____ C:\Users\Public\Desktop\Skype.lnk
2016-02-28 21:53 - 2013-04-10 09:44 - 00000000 ___RD C:\Program Files\Skype
2016-02-28 21:53 - 2013-04-10 09:44 - 00000000 ____D C:\ProgramData\Skype
2016-02-28 21:51 - 2013-05-05 22:13 - 00000000 ____D C:\Users\Gabca\AppData\Local\Htc
2016-02-28 21:50 - 2015-07-31 10:25 - 00000000 ____D C:\Users\Gabca\AppData\Local\HTC MediaHub
2016-02-28 21:50 - 2013-04-10 20:36 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-28 21:50 - 2013-04-10 09:34 - 00000000 ____D C:\ProgramData\MFAData
2016-02-28 21:49 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-28 21:49 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-28 21:49 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-28 21:48 - 2006-11-02 14:01 - 00021356 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-28 21:20 - 2013-04-10 20:36 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-28 19:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-02-28 19:01 - 2013-04-10 20:36 - 00001989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-28 19:01 - 2013-04-10 20:36 - 00001977 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-28 19:01 - 2013-04-09 19:21 - 00000955 _____ C:\Users\Gabca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-28 19:01 - 2013-04-09 19:21 - 00000921 _____ C:\Users\Gabca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-02-28 18:59 - 2006-11-02 13:47 - 00375360 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Calendar
2016-02-28 18:55 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Movie Maker
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lv-LV
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\et-EE
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\servicing
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\IME
2016-02-28 18:55 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\setup
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\oobe
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\manifeststore
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lt-LT
2016-02-28 18:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-02-28 18:51 - 2013-04-09 23:09 - 00000000 ____D C:\Windows\system32\RTCOM
2016-02-28 18:15 - 2014-12-11 12:58 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-02-27 14:33 - 2015-04-01 16:33 - 00000440 ____H C:\Windows\Tasks\Norton Security Scan for Gabca.job
2016-02-23 13:18 - 2015-05-08 10:24 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-02-13 03:08 - 2013-07-19 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-02-13 03:02 - 2006-11-02 11:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-02 11:04 - 2015-11-04 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-02 11:04 - 2013-04-10 09:37 - 00000000 ___HD C:\$AVG
2016-02-02 11:04 - 2013-04-10 09:36 - 00000000 ____D C:\Program Files\AVG
2016-02-02 10:58 - 2014-12-11 12:59 - 00000000 ____D C:\Users\Gabca\AppData\Local\AVG Web TuneUp

==================== Files in the root of some directories =======

2013-04-09 19:21 - 2013-04-09 19:37 - 0000680 _____ () C:\Users\Gabca\AppData\Local\d3d9caps.dat
2013-04-16 09:07 - 2015-10-19 16:59 - 0029184 _____ () C:\Users\Gabca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Gabca\AppData\Local\Temp\hnmwhdkm.dll
C:\Users\Gabca\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Gabca\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-28 21:57

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu - totálně pomalý počítač

#9 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2545414933-95109104-453651295-1000\...\MountPoints2: {fb340dc6-0408-11e3-8fc6-002170a5fcc5} - F:\Autorun.exe
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-2545414933-95109104-453651295-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Gabca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Gabca\AppData\Local\Temp
End
Uložte do C:\Users\Gabca\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“