VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Pomalý notebook

https://forum.viry.cz:443/viewtopic.php?t=150856

Stránka 1 z 1

Pomalý notebook

Napsal: 14 pro 2016 19:57
od Murysak
Dobrý den,
prosím o kontrolu poslední dobou velmi zpomaleného NB.
Vkládám log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Všichni (administrator) on VERUNKA (14-12-2016 19:01:38)
Running from C:\Users\Všichni\Desktop
Loaded Profiles: Všichni (Available Profiles: Martin & Všichni)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Pokki) C:\Users\Všichni\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
Failed to access process -> OneDrive.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\McUICnt.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Pokki) C:\Users\Všichni\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Všichni\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Všichni\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-12-26] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-07-22] (Cisco Systems, Inc.)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [Minecraft-1] => wscript.exe //B "C:\Users\Všichni\AppData\Local\Temp\Minecraft-1.7.2-plna-hra-zdarma.rar.vbs" <===== ATTENTION
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-12-02] (Electronic Arts)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\RunOnce: [Application Restart #4] => C:\Users\Všichni\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7874024 2016-09-18] (Pokki)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\MountPoints2: {6cb303f6-95e3-11e6-8373-8cdcd47982ef} - "F:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Všichni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-04-06]
ShortcutTarget: IMVU.lnk -> C:\Users\Všichni\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: -> Catalog9 - Broken internet access due to missing entry. <===== ATTENTION
Winsock: -> Catalog9-x64 - Broken internet access due to missing entry. <===== ATTENTION
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.107.4.100 10.107.4.129
Tcpip\..\Interfaces\{48d5d0e3-c971-4ac1-96b1-8b7123247b77}: [DhcpNameServer] 10.107.4.100 10.107.4.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {43CCCD74-648C-496F-B2BE-2DA40FFA2513} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {43CCCD74-648C-496F-B2BE-2DA40FFA2513} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> {43CCCD74-648C-496F-B2BE-2DA40FFA2513} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> {5F26744E-6407-431E-8603-DF48776A0E26} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> {FC35D6A4-69EE-4501-BBE6-4D9EF8E45512} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> hxxps://www.seznam.cz/

FireFox:
========
FF DefaultProfile: 3j76rsjx.default
FF ProfilePath: C:\Users\Všichni\AppData\Roaming\Mozilla\Firefox\Profiles\3j76rsjx.default [2016-12-14]
FF Extension: (Firefox Hotfix) - C:\Users\Všichni\AppData\Roaming\Mozilla\Firefox\Profiles\3j76rsjx.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-05]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\Všichni\AppData\Roaming\Mozilla\Firefox\Profiles\3j76rsjx.default\features\{49b92219-fc9f-406c-9f03-04a4f642badb}\malware-remediation@mozilla.org.xpi [2016-09-30]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-02-01] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3063416917-3957878483-2118656444-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Všichni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-24] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default [2016-12-11]
CHR Extension: (Prezentace Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-21]
CHR Extension: (Dokumenty Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Tabulky Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-14]
CHR Extension: (Norton Safe) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-13]
CHR Profile: C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-11]
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2015-09-18] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-12-02] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-12-02] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-12-26] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-19] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-19] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [602352 2015-08-11] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [67680 2016-09-02] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-07-22] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-14 19:01 - 2016-12-14 19:02 - 00017931 _____ C:\Users\Všichni\Desktop\FRST.txt
2016-12-14 18:57 - 2016-12-14 19:01 - 00000000 ____D C:\FRST
2016-12-14 18:56 - 2016-12-11 20:14 - 02420224 _____ (Farbar) C:\Users\Všichni\Desktop\FRST64.exe
2016-12-11 20:16 - 2016-12-11 20:16 - 00002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-12-11 20:16 - 2016-12-11 20:16 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-11 20:16 - 2016-12-11 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-11 20:16 - 2016-12-11 20:16 - 00000000 ____D C:\Program Files\CCleaner
2016-11-14 18:47 - 2016-11-14 18:47 - 00130560 _____ C:\Users\Všichni\Downloads\autobaterie.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-14 17:41 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-14 17:02 - 2016-09-12 03:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-14 17:01 - 2014-10-31 16:01 - 00000000 ____D C:\Users\Všichni\AppData\Local\SweetLabs App Platform
2016-12-11 20:47 - 2015-12-25 08:45 - 00000000 ____D C:\ProgramData\Origin
2016-12-11 20:44 - 2016-10-19 14:19 - 00000000 ____D C:\Users\Všichni\AppData\Roaming\DAEMON Tools Lite
2016-12-11 20:43 - 2016-09-12 16:31 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-11 20:43 - 2016-09-12 04:06 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-11 20:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-11 20:43 - 2015-01-05 19:57 - 00000000 ____D C:\Users\Všichni\AppData\Local\CrashDumps
2016-12-10 17:11 - 2016-09-12 03:14 - 00000000 ____D C:\Users\Všichni
2016-12-10 17:00 - 2016-09-12 03:13 - 03984432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-10 17:00 - 2016-07-16 23:25 - 01723542 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-10 17:00 - 2016-07-16 23:25 - 00476472 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-10 16:56 - 2016-09-12 03:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-09 21:53 - 2015-12-25 08:52 - 00000000 ____D C:\Users\Všichni\AppData\Roaming\Origin
2016-12-09 20:51 - 2016-06-11 19:02 - 00000000 ____D C:\Users\Všichni\Desktop\filmy
2016-12-09 20:29 - 2014-08-19 03:44 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-12-09 20:18 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-12-02 18:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-02 18:07 - 2014-10-31 16:03 - 00000000 ____D C:\Users\Všichni\Documents\Youcam
2016-12-02 17:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-02 17:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-02 17:08 - 2016-04-10 10:33 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-02 11:08 - 2016-08-15 08:03 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForVšichni.job
2016-12-01 18:39 - 2016-09-12 03:30 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForVšichni
2016-11-27 16:14 - 2016-10-17 19:45 - 01945600 _____ C:\Users\Všichni\Desktop\Vanoce 2016.ppt
2016-11-24 23:08 - 2015-02-21 11:14 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-24 23:08 - 2015-02-21 11:14 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-16 22:37 - 2015-02-21 11:11 - 00000000 ____D C:\Users\Všichni\AppData\Local\Google

==================== Files in the root of some directories =======

2016-02-27 22:35 - 2016-12-14 18:49 - 0682658 _____ () C:\Users\Všichni\AppData\Local\BTServer.log
2016-09-23 17:38 - 2016-09-23 17:38 - 0000017 _____ () C:\Users\Všichni\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-09 14:01

==================== End of FRST.txt ============================

Re: Pomalý notebook

Napsal: 14 pro 2016 21:08
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Pomalý notebook

Napsal: 15 pro 2016 18:04
od Murysak
# AdwCleaner v6.040 - Log vytvořen 15/12/2016 v 17:55:18
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-02.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Všichni - VERUNKA
# Spuštěno z : C:\Users\Všichni\Desktop\adwcleaner_6.040.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Martin\AppData\Local\pokki
[#] Složka smazána po restartu: C:\Users\Martin\AppData\Local\Pokki
[#] Složka smazána po restartu: C:\Users\Všichni\AppData\Local\SweetLabs App Platform
[-] Složka smazána: C:\Users\Default User\AppData\Local\Pokki
[#] Složka smazána po restartu: C:\Users\Default\AppData\Local\Pokki


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Všichni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] Soubor smazán: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: SweetLabs App Platform


***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\ac3f08b39549bcf9d81c2d271faa3dca
[-] Klíč smazán: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Classes\pokki
[#] Klíč smazán po restartu: HKCU\Software\Classes\pokki
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\pokki
[-] Klíč smazán: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\SweetLabs App Platform
[-] Klíč smazán: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[-] Klíč smazán: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Klíč smazán: HKCU\Software\SweetLabs App Platform
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Klíč smazán po restartu: [x64] HKCU\Software\SweetLabs App Platform
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Klíč smazán: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Internet Explorer\SearchScopes\{FC35D6A4-69EE-4501-BBE6-4D9EF8E45512}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FC35D6A4-69EE-4501-BBE6-4D9EF8E45512}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FC35D6A4-69EE-4501-BBE6-4D9EF8E45512}
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akcniceny.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bambule.akcniceny.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\sjidelnicek.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.akcniceny.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akcniceny.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bambule.akcniceny.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\sjidelnicek.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bambule.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\sjidelnicek.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bambule.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\sjidelnicek.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.akcniceny.cz
[-] Hodnota smazána: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
[-] Klíč smazán: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Klíč smazán: HKCU\Software\Classes\Directory\shell\pokki
[-] Klíč smazán: HKCU\Software\Classes\Drive\shell\pokki
[-] Klíč smazán: HKCU\Software\Classes\lnkfile\shell\pokki


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7088 Bajty] - [15/12/2016 17:55:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [7104 Bajty] - [15/12/2016 17:20:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7234 Bajty] ##########

Re: Pomalý notebook

Napsal: 15 pro 2016 18:27
od Rudy
Dejte nový log FRST.

Re: Pomalý notebook

Napsal: 15 pro 2016 19:20
od Murysak
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Všichni (administrator) on VERUNKA (15-12-2016 19:12:54)
Running from C:\Users\Všichni\Desktop
Loaded Profiles: Všichni (Available Profiles: Martin & Všichni)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-12-26] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-07-22] (Cisco Systems, Inc.)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [Minecraft-1] => wscript.exe //B "C:\Users\Všichni\AppData\Local\Temp\Minecraft-1.7.2-plna-hra-zdarma.rar.vbs" <===== ATTENTION
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-12-02] (Electronic Arts)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\RunOnce: [Application Restart #4] => C:\Users\Všichni\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\RunOnce: [Uninstall 17.3.6517.0809_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Všichni\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64"
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\RunOnce: [Uninstall 17.3.6517.0809_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Všichni\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1"
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\MountPoints2: {6cb303f6-95e3-11e6-8373-8cdcd47982ef} - "F:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Všichni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-04-06]
ShortcutTarget: IMVU.lnk -> C:\Users\Všichni\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.107.4.100 10.107.4.129
Tcpip\..\Interfaces\{48d5d0e3-c971-4ac1-96b1-8b7123247b77}: [DhcpNameServer] 10.107.4.100 10.107.4.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {43CCCD74-648C-496F-B2BE-2DA40FFA2513} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {43CCCD74-648C-496F-B2BE-2DA40FFA2513} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> {43CCCD74-648C-496F-B2BE-2DA40FFA2513} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> {5F26744E-6407-431E-8603-DF48776A0E26} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3063416917-3957878483-2118656444-1005 -> hxxps://www.seznam.cz/

FireFox:
========
FF DefaultProfile: 3j76rsjx.default
FF ProfilePath: C:\Users\Všichni\AppData\Roaming\Mozilla\Firefox\Profiles\3j76rsjx.default [2016-12-15]
FF Extension: (Firefox Hotfix) - C:\Users\Všichni\AppData\Roaming\Mozilla\Firefox\Profiles\3j76rsjx.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-05]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\Všichni\AppData\Roaming\Mozilla\Firefox\Profiles\3j76rsjx.default\features\{49b92219-fc9f-406c-9f03-04a4f642badb}\malware-remediation@mozilla.org.xpi [2016-09-30]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-02-01] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3063416917-3957878483-2118656444-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Všichni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-24] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default [2016-12-15]
CHR Extension: (Prezentace Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-21]
CHR Extension: (Dokumenty Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Tabulky Google) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-14]
CHR Extension: (Norton Safe) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-13]
CHR Profile: C:\Users\Všichni\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-11]
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2015-09-18] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-12-02] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-12-02] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-12-26] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-19] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-19] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [602352 2015-08-11] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [67680 2016-09-02] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-07-22] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-15 18:04 - 2016-12-15 18:04 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-15 17:16 - 2016-12-15 17:55 - 00000000 ____D C:\AdwCleaner
2016-12-15 17:16 - 2016-12-15 17:10 - 03968464 _____ C:\Users\Všichni\Desktop\adwcleaner_6.040.exe
2016-12-14 19:03 - 2016-12-14 19:05 - 00028780 _____ C:\Users\Všichni\Desktop\Addition.txt
2016-12-14 19:01 - 2016-12-15 19:13 - 00017471 _____ C:\Users\Všichni\Desktop\FRST.txt
2016-12-14 18:57 - 2016-12-15 19:12 - 00000000 ____D C:\FRST
2016-12-14 18:56 - 2016-12-11 20:14 - 02420224 _____ (Farbar) C:\Users\Všichni\Desktop\FRST64.exe
2016-12-11 20:16 - 2016-12-11 20:16 - 00002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-12-11 20:16 - 2016-12-11 20:16 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-11 20:16 - 2016-12-11 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-11 20:16 - 2016-12-11 20:16 - 00000000 ____D C:\Program Files\CCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-15 19:12 - 2016-09-12 03:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-15 19:01 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-15 19:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-15 18:27 - 2014-10-31 16:02 - 00000000 ____D C:\Users\Všichni\AppData\Local\Packages
2016-12-15 18:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-15 18:07 - 2016-09-12 03:30 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForVšichni
2016-12-15 18:07 - 2016-08-15 08:03 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForVšichni.job
2016-12-15 18:04 - 2016-09-12 03:13 - 04184982 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 18:04 - 2016-07-16 23:25 - 01827128 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-15 18:04 - 2016-07-16 23:25 - 00507272 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-15 18:04 - 2015-11-16 22:25 - 00002442 _____ C:\Users\Všichni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-15 18:04 - 2015-11-16 22:25 - 00000000 ___RD C:\Users\Všichni\OneDrive
2016-12-15 18:02 - 2014-10-31 16:03 - 00000000 ____D C:\Users\Všichni\Documents\Youcam
2016-12-15 17:58 - 2016-09-12 03:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-15 17:57 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-12-15 17:57 - 2014-08-19 03:44 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-12-15 17:52 - 2014-10-31 16:01 - 00000000 ____D C:\Users\Všichni\AppData\Local\SweetLabs App Platform
2016-12-14 17:41 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-11 20:47 - 2015-12-25 08:45 - 00000000 ____D C:\ProgramData\Origin
2016-12-11 20:44 - 2016-10-19 14:19 - 00000000 ____D C:\Users\Všichni\AppData\Roaming\DAEMON Tools Lite
2016-12-11 20:43 - 2016-09-12 16:31 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-11 20:43 - 2016-09-12 04:06 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-11 20:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-11 20:43 - 2015-01-05 19:57 - 00000000 ____D C:\Users\Všichni\AppData\Local\CrashDumps
2016-12-10 17:11 - 2016-09-12 03:14 - 00000000 ____D C:\Users\Všichni
2016-12-09 21:53 - 2015-12-25 08:52 - 00000000 ____D C:\Users\Všichni\AppData\Roaming\Origin
2016-12-09 20:51 - 2016-06-11 19:02 - 00000000 ____D C:\Users\Všichni\Desktop\filmy
2016-12-02 18:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-02 17:08 - 2016-04-10 10:33 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-27 16:14 - 2016-10-17 19:45 - 01945600 _____ C:\Users\Všichni\Desktop\Vanoce 2016.ppt
2016-11-24 23:08 - 2015-02-21 11:14 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-24 23:08 - 2015-02-21 11:14 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-16 22:37 - 2015-02-21 11:11 - 00000000 ____D C:\Users\Všichni\AppData\Local\Google

==================== Files in the root of some directories =======

2016-02-27 22:35 - 2016-12-15 18:01 - 0684724 _____ () C:\Users\Všichni\AppData\Local\BTServer.log
2016-09-23 17:38 - 2016-09-23 17:38 - 0000017 _____ () C:\Users\Všichni\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Všichni\AppData\Local\Temp\libeay32.dll
C:\Users\Všichni\AppData\Local\Temp\msvcr120.dll
C:\Users\Všichni\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-09 14:01

==================== End of FRST.txt ============================

Re: Pomalý notebook

Napsal: 15 pro 2016 20:06
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [Minecraft-1] => wscript.exe //B "C:\Users\Všichni\AppData\Local\Temp\Minecraft-1.7.2-plna-hra-zdarma.rar.vbs" <===== ATTENTION
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\MountPoints2: {6cb303f6-95e3-11e6-8373-8cdcd47982ef} - "F:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
ShortcutTarget: IMVU.lnk -> C:\Users\Všichni\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
C:\Users\Všichni\AppData\Local\Temp

EmptyTemp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Pomalý notebook

Napsal: 15 pro 2016 20:36
od Murysak
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Všichni (15-12-2016 20:34:42) Run:1
Running from C:\Users\Všichni\Desktop
Loaded Profiles: Všichni (Available Profiles: Martin & Všichni)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\Run: [Minecraft-1] => wscript.exe //B "C:\Users\Všichni\AppData\Local\Temp\Minecraft-1.7.2-plna-hra-zdarma.rar.vbs" <===== ATTENTION
HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\...\MountPoints2: {6cb303f6-95e3-11e6-8373-8cdcd47982ef} - "F:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
ShortcutTarget: IMVU.lnk -> C:\Users\Všichni\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
C:\Users\Všichni\AppData\Local\Temp

EmptyTemp
End
*****************

HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Minecraft-1 => value removed successfully
"HKU\S-1-5-21-3063416917-3957878483-2118656444-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cb303f6-95e3-11e6-8373-8cdcd47982ef}" => key removed successfully
HKCR\CLSID\{6cb303f6-95e3-11e6-8373-8cdcd47982ef} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe => moved successfully
C:\Program Files\McAfee Security Scan => moved successfully
C:\Users\Všichni\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe => not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully
C:\Users\Všichni\AppData\Local\Temp => moved successfully
EmptyTemp => Error: No automatic fix found for this entry.

==== End of Fixlog 20:34:44 ====

Re: Pomalý notebook

Napsal: 15 pro 2016 21:10
od Rudy
OK. Nastala nějaká změna?

Re: Pomalý notebook

Napsal: 15 pro 2016 21:15
od Murysak
Změna nastala ohromná. PC reaguje naprosto standardně a dokonce i Wi-Fi jde zapnout :D
Mnohokrát děkuji za pomoc

Re: Pomalý notebook

Napsal: 15 pro 2016 21:21
od Rudy
Tak to jsem rád. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz