VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Trhá se počítač, hlavně prohlížeč

https://forum.viry.cz:443/viewtopic.php?t=156951

Stránka 1 z 2

Trhá se počítač, hlavně prohlížeč

Napsal: 21 bře 2020 18:48
od kružítko
Dobrý den,
můžu poprosit o pomoc?

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 21 bře 2020 18:56
od Rudy
Zdravím!
Tak trochu nerozumím řeči vašeho kmene. :) Co znamená "trhá se"? V každem případě dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 22 bře 2020 22:12
od kružítko
Posílám soubory.

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 22 bře 2020 22:14
od kružítko
Posílám soubory.

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 23 bře 2020 10:21
od Rudy
Teď spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 07:44
od kružítko
Posílám adw cleaner soubory.

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 10:19
od Rudy
OK. Dejte nové logy FRST+Addition. Proč je nevkládáte přimo do odpovědi (copy/paste)?

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 17:56
od kružítko
Píše mi to že je text moc dlouhý.
------

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 19:04
od Rudy
kružítko píše:Píše mi to že je text moc dlouhý.
------
Můžete rozdělit do více postů. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\...\MountPoints2: {bd2eafe2-5f83-11e8-a8cf-806e6f6e6963} - D:\AUTORUN.EXE
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\...\MountPoints2: {d336a45e-2953-11e9-8296-d43d7e547634} - E:\HiSuiteDownLoader.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {3FBF05FA-6DB7-48B6-BCC6-C1BD1EC80428} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc.) [File not signed]
Task: {A39D1F1B-CC11-4C81-933F-4E75C332108B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43 => C:\Users\fleker\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc.) [File not signed]
Task: {A7A4DBF9-6313-4006-86BC-1670240ABCA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc.) [File not signed]
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [54272 2019-09-10] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {EC54D2A6-17B7-49D7-914B-C98F99269D1B} - System32\Tasks\{76771257-43CB-4FD8-B3CA-2B26AC8E9DB6} => C:\Windows\system32\pcalua.exe -a Q:\Downloads\MapSource_6163.exe -d Q:\Downloads
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
Handler: gcf - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - <no Path/update_url>
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{33FA4D56-9DAD-43D7-982E-7B473DCBEF64}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> no filepath
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\z mobilu 214.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32(34).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema(35).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll.0:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ccdcmbwu.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp(38).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase(39).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv(40).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil(42).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos(43).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpk(44).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv(45).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass(46).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0(47).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3(48).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r(49).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6(50).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r(51).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt(52).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nmwcdcocls.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll(53).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll.1:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rpcrt4(54).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel(55).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32(57).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss(58).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe.2:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore(59).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli(60).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv(61).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg(62).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon(63).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest(64).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet(66).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi(67).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFUpdate_01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups(68).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ccdcmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ccdcmbo.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\disk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pccsmcfd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usb2ser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser_lowerflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser_lowerfltj.sys:$CmdTcID [130]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:58D8F144 [288]
AlternateDataStreams: C:\ProgramData\TEMP:C43ED645 [138]
AlternateDataStreams: C:\Users\berry\Desktop\DOPOJ.xml:$CmdTcID [64]
AlternateDataStreams: C:\Users\fleker\Desktop\LM.bat:$CmdTcID [130]

EmptyTemp:
Hosts:
End
Uložte do Q:\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 19:34
od kružítko
Fix result of Farbar Recovery Scan Tool (x86) Version: 22-03-2020
Ran by fleker (25-03-2020 19:29:04) Run:1
Running from Q:\Downloads
Loaded Profiles: fleker (Available Profiles: fleker & berry)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\...\MountPoints2: {bd2eafe2-5f83-11e8-a8cf-806e6f6e6963} - D:\AUTORUN.EXE
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\...\MountPoints2: {d336a45e-2953-11e9-8296-d43d7e547634} - E:\HiSuiteDownLoader.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {3FBF05FA-6DB7-48B6-BCC6-C1BD1EC80428} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc.) [File not signed]
Task: {A39D1F1B-CC11-4C81-933F-4E75C332108B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43 => C:\Users\fleker\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc.) [File not signed]
Task: {A7A4DBF9-6313-4006-86BC-1670240ABCA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc.) [File not signed]
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [54272 2019-09-10] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {EC54D2A6-17B7-49D7-914B-C98F99269D1B} - System32\Tasks\{76771257-43CB-4FD8-B3CA-2B26AC8E9DB6} => C:\Windows\system32\pcalua.exe -a Q:\Downloads\MapSource_6163.exe -d Q:\Downloads
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
Handler: gcf - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - <no Path/update_url>
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{33FA4D56-9DAD-43D7-982E-7B473DCBEF64}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> no filepath
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\z mobilu 214.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32(34).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema(35).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll.0:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ccdcmbwu.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp(38).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase(39).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv(40).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil(42).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos(43).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpk(44).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv(45).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass(46).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0(47).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3(48).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r(49).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6(50).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r(51).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt(52).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nmwcdcocls.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll(53).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll.1:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rpcrt4(54).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel(55).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32(57).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss(58).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe.2:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore(59).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli(60).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv(61).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg(62).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon(63).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest(64).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet(66).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi(67).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFUpdate_01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups(68).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ccdcmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ccdcmbo.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\disk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pccsmcfd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usb2ser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser_lowerflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser_lowerfltj.sys:$CmdTcID [130]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:58D8F144 [288]
AlternateDataStreams: C:\ProgramData\TEMP:C43ED645 [138]
AlternateDataStreams: C:\Users\berry\Desktop\DOPOJ.xml:$CmdTcID [64]
AlternateDataStreams: C:\Users\fleker\Desktop\LM.bat:$CmdTcID [130]

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd2eafe2-5f83-11e8-a8cf-806e6f6e6963} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d336a45e-2953-11e9-8296-d43d7e547634} => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FBF05FA-6DB7-48B6-BCC6-C1BD1EC80428}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FBF05FA-6DB7-48B6-BCC6-C1BD1EC80428}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A39D1F1B-CC11-4C81-933F-4E75C332108B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A39D1F1B-CC11-4C81-933F-4E75C332108B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7A4DBF9-6313-4006-86BC-1670240ABCA1}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7A4DBF9-6313-4006-86BC-1670240ABCA1}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE8699D2-8A05-42F7-8A85-5162AF47D26A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE8699D2-8A05-42F7-8A85-5162AF47D26A}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC54D2A6-17B7-49D7-914B-C98F99269D1B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC54D2A6-17B7-49D7-914B-C98F99269D1B}" => removed successfully.
C:\Windows\System32\Tasks\{76771257-43CB-4FD8-B3CA-2B26AC8E9DB6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{76771257-43CB-4FD8-B3CA-2B26AC8E9DB6}" => removed successfully.
"HKLM\Software\\Microsoft\Internet Explorer\Main\\HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search" => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Classes\PROTOCOLS\Handler\gcf => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda => removed successfully.
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000UA => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860077999-920603677-2990381230-1000Core1d0ebe895468e43" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{33FA4D56-9DAD-43D7-982E-7B473DCBEF64} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully.
HKU\S-1-5-21-2860077999-920603677-2990381230-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
C:\autoexec.bat => ":$CmdTcID" ADS could not remove.
C:\z mobilu 214.jpg => ":$CmdZnID" ADS removed successfully.
C:\Windows\system32\adsmsext.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\advapi32(34).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\aelupsvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\apisetschema(35).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\apisetschema.dll.0 => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\apphelp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\basesrv.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\bcryptprimitives.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ccdcmbwu.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\certcli.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\cewmdm.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\chajei.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\cintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\clfsw32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\COLORCNV.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\comctl32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\CPFilters.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\credssp(38).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\cryptbase(39).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\csrsrv(40).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\d3d10level9.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\davclnt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\devenum.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\diskperf.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\dwmapi.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\dwmcore.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\els.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\EncDec.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\fixmapi.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\fveapi.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\fveapibase.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\FwRemoteSvr.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\gpapi.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\gpsvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\iertutil(42).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\IMJP10.IME => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\IMJP10K.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\imkr80.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\InkEd.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\input.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\IPSECSVC.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\KBDAZE.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\KBDAZEL.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\kbdgeoqw.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\kerberos(43).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ksproxy.ax => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ksuser.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\logman.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\lpk(44).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\lsasrv(45).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\lsass(46).exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mapi32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mapistub.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mcmde.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mfvdsp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\MFWMAAEC.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\MP3DMOD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\MP43DECD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\MP4SDECD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\MPG4DECD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msmpeg2adec.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\MSMPEG2ENC.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msmpeg2vdec.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msorcl32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msv1_0(47).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mswsock.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msxml3(48).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msxml3r(49).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msxml6(50).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msxml6r(51).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mtxoci.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ncrypt(52).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\nlasvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\nmwcdcocls.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\notepad.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ntdll(53).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ntdll.dll.1 => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\olepro32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\perftrack.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\phon.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\polstore.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\powertracker.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\profsvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\qasf.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\qintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\quick.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\relog.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\RESAMPLEDMO.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\rpcrt4(54).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\schannel(55).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\sdbinst.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\sechost.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\secur32(57).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\shimeng.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\smss(58).exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\smss.exe.2 => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\srcore(59).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\sspicli(60).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\sspisrv(61).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\SysFxUI.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\tbs.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\tdh.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\tintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\tracerpt.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\TSpkg(62).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\TSWbPrxy.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\typeperf.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ubpm.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\UIAnimation.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\urlmon(63).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\VIDRESZR.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wdi.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wdigest(64).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WebClnt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\winhttp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wininet(66).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\winipsec.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\winresume.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMADMOD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMADMOE.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMALFXGFXDSP.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wmpmde.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMSPDMOD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMSPDMOE.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMVDECOD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMVENCOD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMVSDECD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMVSENCD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WMVXENCD.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wpdshext.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\ws2_32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wshrm.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wuapi(67).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WUDFUpdate_01009.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wups(68).dll => ":$CmdTcID" ADS could not remove.
C:\Windows\notepad.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\ccdcmb.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\ccdcmbo.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\disk.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\drmk.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\drmkaud.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\mrxdav.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\pccsmcfd.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\portcls.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\rmcast.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\stream.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\tcpipreg.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\usb2ser.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\usbser.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\usbser_lowerflt.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\usbser_lowerfltj.sys => ":$CmdTcID" ADS could not remove.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\ProgramData\TEMP => ":58D8F144" ADS removed successfully.
C:\ProgramData\TEMP => ":C43ED645" ADS removed successfully.
C:\Users\berry\Desktop\DOPOJ.xml => ":$CmdTcID" ADS could not remove.
C:\Users\fleker\Desktop\LM.bat => ":$CmdTcID" ADS could not remove.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13155592 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2498108 B
Edge => 0 B
Chrome => 306822653 B
Firefox => 28009927 B
Opera => 35367012 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 7104 B
Public => 7104 B
ProgramData => 7104 B
systemprofile => 77288 B
LocalService => 110413 B
NetworkService => 151610 B
fleker => 66625816 B
berry => 84489907 B
postgres => 84489907 B

RecycleBin => 0 B
EmptyTemp: => 601 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:29:15 ====

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 19:50
od Rudy
OK. Nastala nějaká změna?

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 25 bře 2020 22:40
od kružítko
Start windowsů se zrychlil, ale některé věci přetrvávají, prohlížeč mi jde pomalu, některé aplikace mi nereagují nebo reagují zpožděně (takové to kolečko místo kurzoru, jak se točí, vídám poslední dobou docela často :-) a nahoře nápis "program neodpovídá" a občas se mi sekají filmy, nebo se zasekne obraz a zvuk běží dál. Myslel jsem že to je nějaká havěť v počítači..

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 26 bře 2020 10:33
od Rudy
Ok. Udělejte ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde.

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 26 bře 2020 17:33
od kružítko
Hotovo, viry to nenašlo žádné. No tak uvidíme jak to bude vypadat dál. Možná že ty ostatní problémy způsobuje hardware, počítač je starý, před pár měsíci mi odešla paměť, před týdnem zdroj, HDD už je v provozu 85.000 hodin. Pokud se to nějak nevzchopí, zkusím přeinstalovat systémy, případně obměnit nějaký hardware, dokoupit disk a paměti a uvidím. Nevím čím to může být, třeba otevírám soubor excelu, který má cca 40kb, a někdy to jde v pohodě, jindy se to otevírá třeba půl minuty a místo kurzoru otáčející se kolečko. Nebo kopíruju větší soubor, a v 25% se to zastaví, a další 2 minuty to nic nedělá..pak se to zase rozjede jako by nic, ale všechny kontroly disku co jsem prováděl skrz různé softwary ukázaly že je vše v naprostém pořádku. Nebo v prohlížeči (Google Chrome) mi zničehonic spadnou všechny stránky a místo nich je tam napsáno "pro otevření stránky není dostatek paměti", jindy mě spadnou jen panely z určitého webu, jindy se zase stane že se bez jakéhokoliv upozornění vypne celý Chrome. Taky se mi v 50% stává že když spadne počítač do hibernace nebo úsporného režimu, tak už se pak z něho neprobere, nereaguje na klávesnici, někdy pomůže když ji odpojím a zase připojím, jindy to nepomůže, někdy reaguje na vypínací tlačítko, někdy ani na to ne, někdy nereaguje ani na tlačítko restart a musím ho vypojit ze zásuvky a zase zapnout. A pak ty věci s grafikou, koukám na film a vypadne obraz, nebo se začne trhat, nebo hraju nějakou karetní hru na počítači a nezobrazí mi to moje karty. Prostě počítač vypadá na multiorgánové selhání :-)

V každým případě díky za pomoc, počítač to určitě vyčistilo a zrychlilo, ale hol některé ty jiné problémy pochází zřejmě odjinud.

Re: Trhá se počítač, hlavně prohlížeč

Napsal: 26 bře 2020 17:50
od Rudy
Zkuste aplikace, které se nechovají korektně přeinstalovat. To je poslední možnost, v opačném případě už to vypadá na systémovou chybu.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz