BitCoiner, pomalé připojení

[Wraith]

Dobrý den, po několika úspěšně vyřešených problémech jsem nucen se ozvat s dalším.
Zhruba týden se mi začal zpomalovat internet, dlouhý start Windowsu (Plocha téměř čistá, Spuštěné programy proklepnuté)
Avast spí, nic nehlásí, takže jsem se rozhodl pro rychlou kontrolu skrze MalwareBytes, ten ovšem objevil soubor ntvdm.inf
Ten jsem následovně nechal úspěšně smazat, to ovšem nemusí znamenat, že je čisto a proto se raději obracím na Vás.
FRST a addition log přiložen v zipu, děkuji za odpověď

[Rudy]

Zdravím!
Archiv je prázdný.

[Wraith]

Má chyba, napraveno

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Wraith]

# AdwCleaner v6.040 - Log vytvořen 11/12/2016 v 17:03:13
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-11.2 [Server]
# Operační systém : Windows 8 (X64)
# Uživatelské jméno : User - NT
# Spuštěno z : C:\Users\User\Downloads\adwcleaner_6.040.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\User\AppData\Local\28050
[-] Složka smazána: C:\Users\User\AppData\Local\eSupport.com
[-] Složka smazána: C:\Users\User\AppData\Local\slimware utilities inc
[#] Složka smazána po restartu: C:\Users\User\AppData\Local\SlimWare Utilities Inc
[-] Složka smazána: C:\Users\Public\Documents\Downloaded Installers
[-] Složka smazána: C:\Program Files (x86)\Browsebeyond


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\User\daemonprocess.txt
[-] Soubor smazán: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ojcgaoafcmbadjkfdippkdddgkeaipbn_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\speedupmypc
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\speedupmypc
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Klíč smazán: HKU\S-1-5-21-1929903500-702496554-4106183244-1001\Software\eSupport.com
[-] Klíč smazán: HKU\S-1-5-21-1929903500-702496554-4106183244-1001\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartu: HKCU\Software\eSupport.com
[#] Klíč smazán po restartu: HKCU\Software\SlimWare Utilities Inc
[-] Klíč smazán: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč smazán: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Klíč smazán: HKLM\SOFTWARE\Uniblue
[#] Klíč smazán po restartu: [x64] HKCU\Software\eSupport.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\SlimWare Utilities Inc
[-] Hodnota smazána: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [mobilegeni daemon]
[-] Hodnota smazána: HKU\S-1-5-21-1929903500-702496554-4106183244-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [NextLive]
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2606 Bajty] - [11/12/2016 17:03:13]
C:\AdwCleaner\AdwCleaner[S0].txt - [2881 Bajty] - [11/12/2016 17:01:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2752 Bajty] ##########

[Rudy]

Dejte nový log FRST.

[Wraith]

Hotovo

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\...\MountPoints2: {7bc20164-6f64-11e3-be76-689423bcd818} - "F:\setup.exe"
SearchScopes: HKU\S-1-5-21-1929903500-702496554-4106183244-1001 -> DefaultScope {72E8FF3F-6D64-4D62-84BB-251D6FCBEABC} URL =
SearchScopes: HKU\S-1-5-21-1929903500-702496554-4106183244-1001 -> {72E8FF3F-6D64-4D62-84BB-251D6FCBEABC} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1929903500-702496554-4106183244-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Administrator\AppData\Local\Temp
C:\Users\PC-Download\AppData\Local\Temp
C:\Users\User\AppData\Local\Temp
Task: {1317B1A3-349F-4B30-A56E-23ED384C957A} - System32\Tasks\update-S-1-5-21-1929903500-702496554-4106183244-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {423CB35E-9358-4E9F-A75D-5FD0EF92B572} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
ResetHosts:
End

Uložte do C:\Users\User\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Wraith]

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by User (11-12-2016 19:41:49) Run:1
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User & PC-Download & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\...\MountPoints2: {7bc20164-6f64-11e3-be76-689423bcd818} - "F:\setup.exe"
SearchScopes: HKU\S-1-5-21-1929903500-702496554-4106183244-1001 -> DefaultScope {72E8FF3F-6D64-4D62-84BB-251D6FCBEABC} URL =
SearchScopes: HKU\S-1-5-21-1929903500-702496554-4106183244-1001 -> {72E8FF3F-6D64-4D62-84BB-251D6FCBEABC} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1929903500-702496554-4106183244-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Administrator\AppData\Local\Temp
C:\Users\PC-Download\AppData\Local\Temp
C:\Users\User\AppData\Local\Temp
Task: {1317B1A3-349F-4B30-A56E-23ED384C957A} - System32\Tasks\update-S-1-5-21-1929903500-702496554-4106183244-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {423CB35E-9358-4E9F-A75D-5FD0EF92B572} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKU\S-1-5-21-1929903500-702496554-4106183244-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7bc20164-6f64-11e3-be76-689423bcd818}" => key removed successfully
HKCR\CLSID\{7bc20164-6f64-11e3-be76-689423bcd818} => key not found.
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1929903500-702496554-4106183244-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72E8FF3F-6D64-4D62-84BB-251D6FCBEABC}" => key removed successfully
HKCR\CLSID\{72E8FF3F-6D64-4D62-84BB-251D6FCBEABC} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKU\S-1-5-21-1929903500-702496554-4106183244-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Administrator\AppData\Local\Temp => moved successfully
C:\Users\PC-Download\AppData\Local\Temp => moved successfully

"C:\Users\User\AppData\Local\Temp" folder move:

Could not move "C:\Users\User\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1317B1A3-349F-4B30-A56E-23ED384C957A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1317B1A3-349F-4B30-A56E-23ED384C957A}" => key removed successfully
C:\Windows\System32\Tasks\update-S-1-5-21-1929903500-702496554-4106183244-1001 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-1929903500-702496554-4106183244-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{423CB35E-9358-4E9F-A75D-5FD0EF92B572}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{423CB35E-9358-4E9F-A75D-5FD0EF92B572}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => not found.
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4500431 B
Java, Flash, Steam htmlcache => 321603650 B
Windows/system/drivers => 52555664 B
Edge => 0 B
Chrome => 1080583 B
Firefox => 381792153 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 922167 B
LocalService => 79750 B
NetworkService => 0 B
User => 2015257557 B
PC-Download => 329021 B
Administrator => 18413 B

RecycleBin => 337260 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-12-2016 19:57:13)

C:\Users\User\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:57:13 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Wraith]

Vypadá to na normální stav, kdyby něco ozvu se, jinak děkuji za spolupráci. Přeji hezký zbytek neděle.

[Rudy]

Také hezký zbytek víkendu a nemáte zač!