Dobrý den,
po zastartování PC dojde na chvíli k zamrznutí PC - děje se tak už docela dlouho, zkoušeli jsme projíždět CCleanerem, Avastem, MalwareBytes Anti-Malwarem a nic nepomohlo. Prosím tedy o kontrolu logu s HijackThis.
Předem moc děkuji za pomoc
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:32:37, on 5.4.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera_crashreporter.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Users\user\Downloads\hijackthis (1).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 4510 series.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13280 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zamrznutí PC po startu na cca 5 minut
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznutí PC po startu na cca 5 minut
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznutí PC po startu na cca 5 minut
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznutí PC po startu na cca 5 minut
# AdwCleaner v6.045 - Log vytvořen 05/04/2017 v 22:34:32
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-04.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : user - USER-HP
# Spuštěno z : C:\Users\user\AppData\Local\Temp\scoped_dir8692_19148\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: LavasoftTcpService
[-] Služba smazána: WCAssistantService
***** [ Složky ] *****
[-] Složka smazána: C:\users\user\AppData\LocalLow\HPAppData
[-] Složka smazána: C:\ProgramData\Trymedia
[-] Složka smazána: C:\ProgramData\lavasoft\web companion
[-] Složka smazána: C:\ProgramData\Application Data\lavasoft\web companion
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
[-] Složka smazána: C:\Program Files (x86)\lavasoft\web companion
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
***** [ Soubory ] *****
[-] Soubor smazán: C:\users\user\Desktop\Goodgame Empire.lnk
[#] Soubor smazán: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Soubor smazán: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
[-] Soubor smazán: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Soubor smazán: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\speedupmypc
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\speedupmypc
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Klíč smazán: HKLM\SOFTWARE\Trymedia Systems
[-] Klíč smazán: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Hodnota smazána: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[-] Hodnota smazána: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Klíč smazán: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6461 Bajty] - [05/04/2017 22:34:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [6414 Bajty] - [05/04/2017 22:33:46]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6607 Bajty] ##########
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-04.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : user - USER-HP
# Spuštěno z : C:\Users\user\AppData\Local\Temp\scoped_dir8692_19148\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: LavasoftTcpService
[-] Služba smazána: WCAssistantService
***** [ Složky ] *****
[-] Složka smazána: C:\users\user\AppData\LocalLow\HPAppData
[-] Složka smazána: C:\ProgramData\Trymedia
[-] Složka smazána: C:\ProgramData\lavasoft\web companion
[-] Složka smazána: C:\ProgramData\Application Data\lavasoft\web companion
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
[-] Složka smazána: C:\Program Files (x86)\lavasoft\web companion
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
***** [ Soubory ] *****
[-] Soubor smazán: C:\users\user\Desktop\Goodgame Empire.lnk
[#] Soubor smazán: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Soubor smazán: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
[-] Soubor smazán: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Soubor smazán: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Klíč smazán: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\speedupmypc
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\speedupmypc
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Klíč smazán: HKLM\SOFTWARE\Trymedia Systems
[-] Klíč smazán: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Hodnota smazána: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[-] Hodnota smazána: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Klíč smazán: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6461 Bajty] - [05/04/2017 22:34:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [6414 Bajty] - [05/04/2017 22:33:46]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6607 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznutí PC po startu na cca 5 minut
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznutí PC po startu na cca 5 minut
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\user\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
SearchScopes: HKLM -> DefaultScope {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000 -> DefaultScope {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000 -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
U3 idsvc; no ImagePath
C:\WINDOWS\system32\ApnDatabase.xml
C:\Program Files\McAfee Security Scan
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\WINDOWS\system32\Drivers\asw11AA.tmp
C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {21C0E252-3165-4AF4-AD1F-8BB79C630DB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4EBA5F49-332A-4C43-A59B-D4CB062906F3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {67F9AE27-AE3B-4085-9321-1DAA2694C5BB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CC592A1-03E6-4FDB-A5F2-0C01E295458F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8D94F53A-AC59-46D2-B700-763F6B799A26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9E359690-49A4-4963-9DA8-C7104524E0AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} - System32\Tasks\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => pcalua.exe -a C:\Users\user\Downloads\zumadeluxe_demo.exe -d C:\Users\user\Downloads
Task: {CE0FB0C4-280B-4E01-8279-462C58C85B3B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED8349D2-E119-4A14-A1CE-A1D53FAC7874} - System32\Tasks\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => pcalua.exe -a C:\Users\user\Downloads\damafull.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} - System32\Tasks\{D8C08656-D819-4645-8454-D8807F247003} => pcalua.exe -a C:\Users\user\Downloads\Plex-Media-Server-0.9.712.407-db37d6d-en-US.exe -d C:\Users\user\Downloads
AlternateDataStreams: C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznutí PC po startu na cca 5 minut
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by user (06-04-2017 21:19:14) Run:1
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
SearchScopes: HKLM -> DefaultScope {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000 -> DefaultScope {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000 -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
U3 idsvc; no ImagePath
C:\WINDOWS\system32\ApnDatabase.xml
C:\Program Files\McAfee Security Scan
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\WINDOWS\system32\Drivers\asw11AA.tmp
C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {21C0E252-3165-4AF4-AD1F-8BB79C630DB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4EBA5F49-332A-4C43-A59B-D4CB062906F3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {67F9AE27-AE3B-4085-9321-1DAA2694C5BB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CC592A1-03E6-4FDB-A5F2-0C01E295458F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8D94F53A-AC59-46D2-B700-763F6B799A26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9E359690-49A4-4963-9DA8-C7104524E0AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} - System32\Tasks\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => pcalua.exe -a C:\Users\user\Downloads\zumadeluxe_demo.exe -d C:\Users\user\Downloads
Task: {CE0FB0C4-280B-4E01-8279-462C58C85B3B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED8349D2-E119-4A14-A1CE-A1D53FAC7874} - System32\Tasks\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => pcalua.exe -a C:\Users\user\Downloads\damafull.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} - System32\Tasks\{D8C08656-D819-4645-8454-D8807F247003} => pcalua.exe -a C:\Users\user\Downloads\Plex-Media-Server-0.9.712.407-db37d6d-en-US.exe -d C:\Users\user\Downloads
AlternateDataStreams: C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key removed successfully
HKCR\CLSID\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key removed successfully
HKCR\Wow6432Node\CLSID\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key not found.
HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key removed successfully
HKCR\CLSID\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
"C:\Program Files\McAfee Security Scan" folder move:
Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => moved successfully
C:\WINDOWS\system32\Drivers\asw11AA.tmp => moved successfully
C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21C0E252-3165-4AF4-AD1F-8BB79C630DB3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21C0E252-3165-4AF4-AD1F-8BB79C630DB3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EBA5F49-332A-4C43-A59B-D4CB062906F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EBA5F49-332A-4C43-A59B-D4CB062906F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{67F9AE27-AE3B-4085-9321-1DAA2694C5BB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67F9AE27-AE3B-4085-9321-1DAA2694C5BB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CC592A1-03E6-4FDB-A5F2-0C01E295458F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CC592A1-03E6-4FDB-A5F2-0C01E295458F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D94F53A-AC59-46D2-B700-763F6B799A26} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D94F53A-AC59-46D2-B700-763F6B799A26} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E359690-49A4-4963-9DA8-C7104524E0AD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E359690-49A4-4963-9DA8-C7104524E0AD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} => key removed successfully
C:\WINDOWS\System32\Tasks\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE0FB0C4-280B-4E01-8279-462C58C85B3B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE0FB0C4-280B-4E01-8279-462C58C85B3B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED8349D2-E119-4A14-A1CE-A1D53FAC7874} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED8349D2-E119-4A14-A1CE-A1D53FAC7874} => key removed successfully
C:\WINDOWS\System32\Tasks\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} => key removed successfully
C:\WINDOWS\System32\Tasks\{D8C08656-D819-4645-8454-D8807F247003} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D8C08656-D819-4645-8454-D8807F247003} => key removed successfully
C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully.
C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24472708 B
Java, Flash, Steam htmlcache => 850 B
Windows/system/drivers => 95788 B
Edge => 1273 B
Chrome => 384322163 B
Firefox => 30475819 B
Opera => 487974255 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 66834 B
NetworkService => 0 B
user => 98115336 B
RecycleBin => 0 B
EmptyTemp: => 978 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-04-2017 21:26:04)
C:\Program Files\McAfee Security Scan => Is moved successfully
==== End of Fixlog 21:26:04 ====
Ran by user (06-04-2017 21:19:14) Run:1
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
SearchScopes: HKLM -> DefaultScope {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000 -> DefaultScope {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3758773303-2342552062-2968818899-1000 -> {2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
U3 idsvc; no ImagePath
C:\WINDOWS\system32\ApnDatabase.xml
C:\Program Files\McAfee Security Scan
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\WINDOWS\system32\Drivers\asw11AA.tmp
C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {21C0E252-3165-4AF4-AD1F-8BB79C630DB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4EBA5F49-332A-4C43-A59B-D4CB062906F3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {67F9AE27-AE3B-4085-9321-1DAA2694C5BB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CC592A1-03E6-4FDB-A5F2-0C01E295458F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8D94F53A-AC59-46D2-B700-763F6B799A26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9E359690-49A4-4963-9DA8-C7104524E0AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} - System32\Tasks\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => pcalua.exe -a C:\Users\user\Downloads\zumadeluxe_demo.exe -d C:\Users\user\Downloads
Task: {CE0FB0C4-280B-4E01-8279-462C58C85B3B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED8349D2-E119-4A14-A1CE-A1D53FAC7874} - System32\Tasks\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => pcalua.exe -a C:\Users\user\Downloads\damafull.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} - System32\Tasks\{D8C08656-D819-4645-8454-D8807F247003} => pcalua.exe -a C:\Users\user\Downloads\Plex-Media-Server-0.9.712.407-db37d6d-en-US.exe -d C:\Users\user\Downloads
AlternateDataStreams: C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key removed successfully
HKCR\CLSID\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key removed successfully
HKCR\Wow6432Node\CLSID\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key not found.
HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3758773303-2342552062-2968818899-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key removed successfully
HKCR\CLSID\{2BB59FB0-D709-45A2-92F9-D215E9D4C1B6} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
"C:\Program Files\McAfee Security Scan" folder move:
Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => moved successfully
C:\WINDOWS\system32\Drivers\asw11AA.tmp => moved successfully
C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21C0E252-3165-4AF4-AD1F-8BB79C630DB3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21C0E252-3165-4AF4-AD1F-8BB79C630DB3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{394D7598-6D9E-4BA7-AA4F-D1CFFD6C0D62} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FBAD399-568E-48FC-B41A-D6ACF7EEBD28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C819E2B-8AE3-4FFC-A117-4204B86BF9E0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EBA5F49-332A-4C43-A59B-D4CB062906F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EBA5F49-332A-4C43-A59B-D4CB062906F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{67F9AE27-AE3B-4085-9321-1DAA2694C5BB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67F9AE27-AE3B-4085-9321-1DAA2694C5BB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CC592A1-03E6-4FDB-A5F2-0C01E295458F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CC592A1-03E6-4FDB-A5F2-0C01E295458F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D94F53A-AC59-46D2-B700-763F6B799A26} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D94F53A-AC59-46D2-B700-763F6B799A26} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BC477C2-AFB4-4831-AC66-6F4B02D07B4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E359690-49A4-4963-9DA8-C7104524E0AD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E359690-49A4-4963-9DA8-C7104524E0AD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF58E9D4-6CF6-4D77-AC93-5005A95DEC1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5DDC5EC-4E14-49BB-9FBF-F59806AFC1E6} => key removed successfully
C:\WINDOWS\System32\Tasks\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6F6B1E81-EA1B-46C1-9A7F-B525395525DA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE0FB0C4-280B-4E01-8279-462C58C85B3B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE0FB0C4-280B-4E01-8279-462C58C85B3B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED8349D2-E119-4A14-A1CE-A1D53FAC7874} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED8349D2-E119-4A14-A1CE-A1D53FAC7874} => key removed successfully
C:\WINDOWS\System32\Tasks\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9D9F9B5D-7340-4D2E-866E-8170C97DC367} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFE79A6E-C0B1-401F-8EF1-DCCF92450B8D} => key removed successfully
C:\WINDOWS\System32\Tasks\{D8C08656-D819-4645-8454-D8807F247003} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D8C08656-D819-4645-8454-D8807F247003} => key removed successfully
C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully.
C:\Users\user\Documents\Obrázek (2) – kopie.jpg.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24472708 B
Java, Flash, Steam htmlcache => 850 B
Windows/system/drivers => 95788 B
Edge => 1273 B
Chrome => 384322163 B
Firefox => 30475819 B
Opera => 487974255 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 66834 B
NetworkService => 0 B
user => 98115336 B
RecycleBin => 0 B
EmptyTemp: => 978 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-04-2017 21:26:04)
C:\Program Files\McAfee Security Scan => Is moved successfully
==== End of Fixlog 21:26:04 ====
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznutí PC po startu na cca 5 minut
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?