VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu, zpomalený notebook

https://forum.viry.cz:443/viewtopic.php?t=153756

Stránka 1 z 1

Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 10:16
od 25kubis
Ahoj, prosím o kontrolu, zpomalený notebook a nereagující a odinstalovaná Avira, nyní nainstalován Avast.
Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by kuba (administrator) on PC (13-02-2018 10:05:38)
Running from C:\Users\kuba\Desktop
Loaded Profiles: kuba (Available Profiles: kuba)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe\CompanionApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-11] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [243496 2018-02-13] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\...\MountPoints2: {e7dbd70a-80bb-11e7-84a5-6cc217e1a403} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2017-09-29] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1 93.185.0.5 93.185.0.6
Tcpip\..\Interfaces\{621e7bb9-a34f-4072-a972-224f1d5c56fc}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{b9bfbc13-3620-4bb1-a7a4-80e7e6498e89}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e856493a-a73a-44e7-a070-4dc021ece301}: [DhcpNameServer] 192.168.15.1 93.185.0.5 93.185.0.6

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {2AC79629-C1C7-42C2-AA09-53915A75F7B9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {2AC79629-C1C7-42C2-AA09-53915A75F7B9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2655183068-154541278-2288605057-1001 -> {CE0CE471-AE10-4C52-B271-A2E1D693E047} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2655183068-154541278-2288605057-1001 -> hxxp://www.seznam.cz/
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2018-01-17]

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7564512 2018-02-13] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [300600 2018-02-13] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-12-11] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-09] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-09] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [192944 2018-02-13] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-02-13] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-02-13] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-02-13] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-02-13] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [190440 2018-02-13] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-02-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-02-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-02-13] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-02-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-02-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459952 2018-02-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205464 2018-02-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379448 2018-02-13] (AVAST Software)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
U1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2018-02-13] ()
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-09] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-09] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30392 2017-04-25] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 10:05 - 2018-02-13 10:06 - 000013901 _____ C:\Users\kuba\Desktop\FRST.txt
2018-02-13 10:01 - 2018-02-13 10:01 - 002405376 _____ (Farbar) C:\Users\kuba\Desktop\FRST64.exe
2018-02-13 09:48 - 2018-02-13 09:48 - 000000000 ____D C:\Users\kuba\AppData\Roaming\AVAST Software
2018-02-13 09:47 - 2018-02-13 09:47 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-13 09:47 - 2018-02-13 09:47 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-02-13 09:47 - 2018-02-13 09:47 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-02-13 09:47 - 2018-02-13 09:47 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-02-13 09:47 - 2018-02-13 09:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-02-13 09:46 - 2018-02-13 09:46 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-02-13 09:46 - 2018-02-13 09:46 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-02-13 09:46 - 2018-02-13 09:45 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-02-13 09:46 - 2018-02-13 09:45 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-02-13 09:46 - 2018-02-13 09:45 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-02-13 09:41 - 2018-02-13 09:41 - 000000000 ____D C:\Program Files\AVAST Software
2018-02-13 09:40 - 2018-02-13 09:46 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-12 10:37 - 2018-02-12 10:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-09 08:36 - 2018-02-09 08:36 - 005357088 _____ (Avira Operations GmbH & Co. KG) C:\Users\kuba\Downloads\avira_en_fass0_5a7c44180e975__ws.exe
2018-02-06 10:22 - 2018-02-06 10:22 - 000291995 _____ C:\Users\kuba\Desktop\2018203949.pdf
2018-01-17 09:21 - 2018-01-17 10:42 - 000000000 ____D C:\Users\kuba\AppData\Local\PlaceholderTileLogoFolder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 10:05 - 2016-09-16 13:14 - 000000000 ____D C:\FRST
2018-02-13 09:58 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-13 09:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-13 09:26 - 2017-12-04 09:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-13 07:57 - 2017-12-04 09:34 - 000003222 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForkuba
2018-02-13 07:57 - 2016-04-26 11:16 - 000000334 _____ C:\WINDOWS\Tasks\HPCeeScheduleForkuba.job
2018-02-13 07:54 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-13 07:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-13 07:53 - 2017-12-04 09:34 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B851DE28-4422-48D9-9631-6C8131EEAA81}
2018-02-13 07:51 - 2015-02-09 08:22 - 000000000 ____D C:\Users\kuba\Documents\Youcam
2018-02-13 07:50 - 2014-12-20 11:11 - 000000000 __SHD C:\Users\kuba\IntelGraphicsProfiles
2018-02-12 10:37 - 2017-12-04 09:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-12 10:36 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-09 12:38 - 2017-12-04 09:08 - 000000000 ____D C:\Users\kuba\AppData\Local\Packages
2018-02-09 12:32 - 2014-09-23 08:09 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-09 12:32 - 2014-09-22 08:01 - 000000000 ____D C:\ProgramData\Avira
2018-02-09 12:18 - 2016-05-11 15:56 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-02-09 12:18 - 2014-09-22 08:04 - 000000000 ____D C:\Users\kuba\AppData\Roaming\Avira
2018-02-08 13:09 - 2015-03-13 09:22 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-02-08 12:59 - 2017-12-04 09:07 - 000000000 ____D C:\Users\kuba
2018-02-08 11:46 - 2014-08-21 10:51 - 000000000 ___RD C:\Users\kuba\OneDrive
2018-02-07 09:13 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-25 08:14 - 2017-12-04 09:34 - 000003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2655183068-154541278-2288605057-1001
2018-01-25 08:14 - 2015-12-11 12:01 - 000002391 _____ C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-12 09:46

==================== End of FRST.txt ============================

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 10:28
od 25kubis
Log Addition

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 13:05
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 13:25
od 25kubis
Dávám log:

# AdwCleaner 7.0.8.0 - Logfile created on Tue Feb 13 12:18:17 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\NERO\NERO TUNEITUP
Deleted: C:\Users\All Users\NERO\NERO TUNEITUP


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ceskedalnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ceskedalnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ceskedalnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ceskedalnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1416 B] - [2016/9/21 16:6:52]
C:/AdwCleaner/AdwCleaner[S0].txt - [1680 B] - [2016/9/21 16:6:9]
C:/AdwCleaner/AdwCleaner[S1].txt - [3064 B] - [2018/2/13 12:15:28]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 15:02
od Rudy
Dejte nový log FRST.

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 17:05
od 25kubis
Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by kuba (administrator) on PC (13-02-2018 17:00:42)
Running from C:\Users\kuba\Desktop
Loaded Profiles: kuba (Available Profiles: kuba)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-11] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [243496 2018-02-13] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\...\MountPoints2: {e7dbd70a-80bb-11e7-84a5-6cc217e1a403} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2017-09-29] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1 93.185.0.5 93.185.0.6
Tcpip\..\Interfaces\{621e7bb9-a34f-4072-a972-224f1d5c56fc}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{b9bfbc13-3620-4bb1-a7a4-80e7e6498e89}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e856493a-a73a-44e7-a070-4dc021ece301}: [DhcpNameServer] 192.168.15.1 93.185.0.5 93.185.0.6

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {2AC79629-C1C7-42C2-AA09-53915A75F7B9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {2AC79629-C1C7-42C2-AA09-53915A75F7B9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2655183068-154541278-2288605057-1001 -> {CE0CE471-AE10-4C52-B271-A2E1D693E047} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2655183068-154541278-2288605057-1001 -> hxxp://www.seznam.cz/
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2018-01-17]

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7564512 2018-02-13] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [300600 2018-02-13] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-12-11] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-09] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-09] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [192944 2018-02-13] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-02-13] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-02-13] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-02-13] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-02-13] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [190440 2018-02-13] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-02-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-02-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-02-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-02-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-02-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459952 2018-02-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205464 2018-02-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379448 2018-02-13] (AVAST Software)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-09] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-09] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30392 2017-04-25] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 13:11 - 2018-02-13 13:11 - 008222496 _____ (Malwarebytes) C:\Users\kuba\Desktop\adwcleaner_7.0.8.0.exe
2018-02-13 10:05 - 2018-02-13 17:01 - 000013407 _____ C:\Users\kuba\Desktop\FRST.txt
2018-02-13 10:01 - 2018-02-13 10:01 - 002405376 _____ (Farbar) C:\Users\kuba\Desktop\FRST64.exe
2018-02-13 09:48 - 2018-02-13 09:48 - 000000000 ____D C:\Users\kuba\AppData\Roaming\AVAST Software
2018-02-13 09:47 - 2018-02-13 09:47 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-13 09:47 - 2018-02-13 09:47 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-02-13 09:47 - 2018-02-13 09:47 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-02-13 09:47 - 2018-02-13 09:47 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-02-13 09:47 - 2018-02-13 09:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-02-13 09:46 - 2018-02-13 09:46 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-02-13 09:46 - 2018-02-13 09:46 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-02-13 09:46 - 2018-02-13 09:46 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-02-13 09:46 - 2018-02-13 09:45 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-02-13 09:46 - 2018-02-13 09:45 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-02-13 09:46 - 2018-02-13 09:45 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-02-13 09:46 - 2018-02-13 09:44 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-02-13 09:41 - 2018-02-13 09:41 - 000000000 ____D C:\Program Files\AVAST Software
2018-02-13 09:40 - 2018-02-13 10:50 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-12 10:37 - 2018-02-12 10:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-09 08:36 - 2018-02-09 08:36 - 005357088 _____ (Avira Operations GmbH & Co. KG) C:\Users\kuba\Downloads\avira_en_fass0_5a7c44180e975__ws.exe
2018-02-06 10:22 - 2018-02-06 10:22 - 000291995 _____ C:\Users\kuba\Desktop\2018203949.pdf
2018-01-17 09:21 - 2018-01-17 10:42 - 000000000 ____D C:\Users\kuba\AppData\Local\PlaceholderTileLogoFolder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 17:00 - 2016-09-16 13:14 - 000000000 ____D C:\FRST
2018-02-13 16:59 - 2017-12-04 09:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-13 14:33 - 2017-12-04 09:34 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B851DE28-4422-48D9-9631-6C8131EEAA81}
2018-02-13 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-13 13:25 - 2015-02-09 08:22 - 000000000 ____D C:\Users\kuba\Documents\Youcam
2018-02-13 13:21 - 2014-12-20 11:11 - 000000000 __SHD C:\Users\kuba\IntelGraphicsProfiles
2018-02-13 13:19 - 2017-12-04 09:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-13 13:19 - 2016-04-26 11:16 - 000000334 _____ C:\WINDOWS\Tasks\HPCeeScheduleForkuba.job
2018-02-13 13:18 - 2017-12-22 12:42 - 000000000 ____D C:\ProgramData\Nero
2018-02-13 13:18 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-13 13:18 - 2016-09-21 17:04 - 000000000 ____D C:\AdwCleaner
2018-02-13 09:58 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-13 07:57 - 2017-12-04 09:34 - 000003222 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForkuba
2018-02-13 07:54 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-13 07:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-09 12:38 - 2017-12-04 09:08 - 000000000 ____D C:\Users\kuba\AppData\Local\Packages
2018-02-09 12:32 - 2014-09-23 08:09 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-09 12:32 - 2014-09-22 08:01 - 000000000 ____D C:\ProgramData\Avira
2018-02-09 12:18 - 2016-05-11 15:56 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-02-09 12:18 - 2014-09-22 08:04 - 000000000 ____D C:\Users\kuba\AppData\Roaming\Avira
2018-02-08 13:09 - 2015-03-13 09:22 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-02-08 12:59 - 2017-12-04 09:07 - 000000000 ____D C:\Users\kuba
2018-02-08 11:46 - 2014-08-21 10:51 - 000000000 ___RD C:\Users\kuba\OneDrive
2018-02-07 09:13 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-25 08:14 - 2017-12-04 09:34 - 000003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2655183068-154541278-2288605057-1001
2018-01-25 08:14 - 2015-12-11 12:01 - 000002391 _____ C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-12 09:46

==================== End of FRST.txt ============================

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 17:07
od 25kubis
Addition log 2:

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 13 úno 2018 18:00
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\...\MountPoints2: {e7dbd70a-80bb-11e7-84a5-6cc217e1a403} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {000BAEC8-D433-40EF-B8DC-D56A64CD97AC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0BEE9326-FDC0-4741-9336-84145AF724DC} - System32\Tasks\{0EED8C83-0525-4483-B138-6A2F7C6A2930} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\kuba\Desktop\avenger.exe -d C:\Users\kuba\Desktop
Task: {1D6BA51E-76D6-4CD1-923A-766833C1515B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {31987677-400A-430D-9E88-2C1C0C3FAE70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3530C21A-4E38-43AA-8C2F-1FC0590793E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {64D4931F-9172-40E4-8495-4F3444AADCE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {697EA93B-24C4-4D32-9744-4900FA075916} - \WPD\SqmUpload_S-1-5-21-2655183068-154541278-2288605057-1001 -> No File <==== ATTENTION
Task: {6D0B9173-E57A-4BAA-AEEC-1FBAB0A132B7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {82359DA7-B71E-4977-91BC-F03FFC5263F4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {852AC5FB-20E6-4E93-A6A0-F4BF98FCA546} - System32\Tasks\{804F5673-FD05-41C9-BE3C-D98B2E296A88} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\kuba\AppData\Roaming\Seznam Browser\uninstall.exe"
Task: {AE8D7750-2F94-4FFD-98F7-16E5D17AFABD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BA36502F-C9AB-4829-A076-566A6788E57E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BD9647A6-9011-44BE-9C5D-62C59DD2B3AE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C56CC4A6-2E14-4C90-AC47-9A04AA58739B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C6665AC2-93E7-4BCE-94C9-87D50A06670A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E157F365-F7EF-4742-AFD7-BAA1156ACF22} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FCE71506-0A19-4856-9CA5-9006ADE7E574} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 14 úno 2018 08:24
od 25kubis
Tak dávám log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by kuba (14-02-2018 08:15:19) Run:3
Running from C:\Users\kuba\Desktop
Loaded Profiles: kuba (Available Profiles: kuba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2655183068-154541278-2288605057-1001\...\MountPoints2: {e7dbd70a-80bb-11e7-84a5-6cc217e1a403} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {000BAEC8-D433-40EF-B8DC-D56A64CD97AC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0BEE9326-FDC0-4741-9336-84145AF724DC} - System32\Tasks\{0EED8C83-0525-4483-B138-6A2F7C6A2930} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\kuba\Desktop\avenger.exe -d C:\Users\kuba\Desktop
Task: {1D6BA51E-76D6-4CD1-923A-766833C1515B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {31987677-400A-430D-9E88-2C1C0C3FAE70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3530C21A-4E38-43AA-8C2F-1FC0590793E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {64D4931F-9172-40E4-8495-4F3444AADCE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {697EA93B-24C4-4D32-9744-4900FA075916} - \WPD\SqmUpload_S-1-5-21-2655183068-154541278-2288605057-1001 -> No File <==== ATTENTION
Task: {6D0B9173-E57A-4BAA-AEEC-1FBAB0A132B7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {82359DA7-B71E-4977-91BC-F03FFC5263F4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {852AC5FB-20E6-4E93-A6A0-F4BF98FCA546} - System32\Tasks\{804F5673-FD05-41C9-BE3C-D98B2E296A88} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\kuba\AppData\Roaming\Seznam Browser\uninstall.exe"
Task: {AE8D7750-2F94-4FFD-98F7-16E5D17AFABD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BA36502F-C9AB-4829-A076-566A6788E57E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BD9647A6-9011-44BE-9C5D-62C59DD2B3AE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C56CC4A6-2E14-4C90-AC47-9A04AA58739B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C6665AC2-93E7-4BCE-94C9-87D50A06670A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E157F365-F7EF-4742-AFD7-BAA1156ACF22} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FCE71506-0A19-4856-9CA5-9006ADE7E574} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2655183068-154541278-2288605057-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7dbd70a-80bb-11e7-84a5-6cc217e1a403}" => removed successfully
HKLM\Software\Classes\CLSID\{e7dbd70a-80bb-11e7-84a5-6cc217e1a403} => key not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{000BAEC8-D433-40EF-B8DC-D56A64CD97AC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{000BAEC8-D433-40EF-B8DC-D56A64CD97AC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BEE9326-FDC0-4741-9336-84145AF724DC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BEE9326-FDC0-4741-9336-84145AF724DC} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\{0EED8C83-0525-4483-B138-6A2F7C6A2930} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0EED8C83-0525-4483-B138-6A2F7C6A2930} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D6BA51E-76D6-4CD1-923A-766833C1515B} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D6BA51E-76D6-4CD1-923A-766833C1515B} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31987677-400A-430D-9E88-2C1C0C3FAE70} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31987677-400A-430D-9E88-2C1C0C3FAE70} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3530C21A-4E38-43AA-8C2F-1FC0590793E7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3530C21A-4E38-43AA-8C2F-1FC0590793E7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{64D4931F-9172-40E4-8495-4F3444AADCE2} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64D4931F-9172-40E4-8495-4F3444AADCE2} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{697EA93B-24C4-4D32-9744-4900FA075916} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{697EA93B-24C4-4D32-9744-4900FA075916} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2655183068-154541278-2288605057-1001 => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D0B9173-E57A-4BAA-AEEC-1FBAB0A132B7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D0B9173-E57A-4BAA-AEEC-1FBAB0A132B7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82359DA7-B71E-4977-91BC-F03FFC5263F4} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82359DA7-B71E-4977-91BC-F03FFC5263F4} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{852AC5FB-20E6-4E93-A6A0-F4BF98FCA546} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{852AC5FB-20E6-4E93-A6A0-F4BF98FCA546} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\{804F5673-FD05-41C9-BE3C-D98B2E296A88} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{804F5673-FD05-41C9-BE3C-D98B2E296A88} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE8D7750-2F94-4FFD-98F7-16E5D17AFABD} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE8D7750-2F94-4FFD-98F7-16E5D17AFABD} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA36502F-C9AB-4829-A076-566A6788E57E} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA36502F-C9AB-4829-A076-566A6788E57E} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD9647A6-9011-44BE-9C5D-62C59DD2B3AE} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD9647A6-9011-44BE-9C5D-62C59DD2B3AE} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C56CC4A6-2E14-4C90-AC47-9A04AA58739B} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C56CC4A6-2E14-4C90-AC47-9A04AA58739B} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6665AC2-93E7-4BCE-94C9-87D50A06670A} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6665AC2-93E7-4BCE-94C9-87D50A06670A} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E157F365-F7EF-4742-AFD7-BAA1156ACF22} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E157F365-F7EF-4742-AFD7-BAA1156ACF22} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCE71506-0A19-4856-9CA5-9006ADE7E574} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCE71506-0A19-4856-9CA5-9006ADE7E574} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => could not remove key. ErrorCode1: 0x00000002

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39324245 B
Java, Flash, Steam htmlcache => 1314 B
Windows/system/drivers => 470704 B
Edge => 62168231 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1690 B
NetworkService => 1786 B
kuba => 728860 B

RecycleBin => 72510 B
EmptyTemp: => 105.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-02-2018 08:17:59)


Result of scheduled keys to remove after reboot:

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{000BAEC8-D433-40EF-B8DC-D56A64CD97AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{000BAEC8-D433-40EF-B8DC-D56A64CD97AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BEE9326-FDC0-4741-9336-84145AF724DC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BEE9326-FDC0-4741-9336-84145AF724DC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0EED8C83-0525-4483-B138-6A2F7C6A2930}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D6BA51E-76D6-4CD1-923A-766833C1515B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D6BA51E-76D6-4CD1-923A-766833C1515B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31987677-400A-430D-9E88-2C1C0C3FAE70}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31987677-400A-430D-9E88-2C1C0C3FAE70}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3530C21A-4E38-43AA-8C2F-1FC0590793E7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3530C21A-4E38-43AA-8C2F-1FC0590793E7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{64D4931F-9172-40E4-8495-4F3444AADCE2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64D4931F-9172-40E4-8495-4F3444AADCE2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{697EA93B-24C4-4D32-9744-4900FA075916}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{697EA93B-24C4-4D32-9744-4900FA075916}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2655183068-154541278-2288605057-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D0B9173-E57A-4BAA-AEEC-1FBAB0A132B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D0B9173-E57A-4BAA-AEEC-1FBAB0A132B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82359DA7-B71E-4977-91BC-F03FFC5263F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82359DA7-B71E-4977-91BC-F03FFC5263F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{852AC5FB-20E6-4E93-A6A0-F4BF98FCA546}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{852AC5FB-20E6-4E93-A6A0-F4BF98FCA546}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{804F5673-FD05-41C9-BE3C-D98B2E296A88}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE8D7750-2F94-4FFD-98F7-16E5D17AFABD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE8D7750-2F94-4FFD-98F7-16E5D17AFABD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA36502F-C9AB-4829-A076-566A6788E57E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA36502F-C9AB-4829-A076-566A6788E57E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD9647A6-9011-44BE-9C5D-62C59DD2B3AE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD9647A6-9011-44BE-9C5D-62C59DD2B3AE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C56CC4A6-2E14-4C90-AC47-9A04AA58739B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C56CC4A6-2E14-4C90-AC47-9A04AA58739B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6665AC2-93E7-4BCE-94C9-87D50A06670A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6665AC2-93E7-4BCE-94C9-87D50A06670A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E157F365-F7EF-4742-AFD7-BAA1156ACF22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E157F365-F7EF-4742-AFD7-BAA1156ACF22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCE71506-0A19-4856-9CA5-9006ADE7E574}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCE71506-0A19-4856-9CA5-9006ADE7E574}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully

==== End of Fixlog 08:17:59 ====

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 14 úno 2018 13:08
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 14 úno 2018 13:20
od 25kubis
Vypadá to ok, děkuji za pomoc.

Re: Prosím o kontrolu, zpomalený notebook

Napsal: 14 úno 2018 13:51
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz