Slow PC + Virus Solved



Re: Slow PC + Virus Solved

Post by mople71 » 27 Apr 2015 19:36

Please uninstall these programs:

Code:

CCleaner


---------------------------------------------

Apply a fixlist for FRST:

On the Desktop (FRST must be located there), create a text file named fixlist, copy the following script into it, and save.

Code:

Start
CloseProcesses:
CreateRestorePoint:

Task: {B33EC31E-DE59-4B5B-8599-A9D1B7A9C122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
C:\Program Files (x86)\Kaspersky Lab

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 aswMBR; \??\C:\Users\doma\AppData\Local\Temp\aswMBR.sys [X]

C:\Users\doma\Desktop\aswmbr.exe
C:\ProgramData\Kaspersky Lab Setup Files
C:\ProgramData\RogueKiller
C:\ProgramData\mtbjfghn.xbe
C:\Windows\Tasks\*.job

CMD: bitsadmin /reset /allusers
CMD: dir %appdata%
CMD: dir %localappdata%

EmptyTemp:
End

Then open FRST as administrator and click the >Fix< button. After the PC restarts, a fixlog will appear on the Desktop; please paste its contents into your next post.


Re: Slow PC + Virus

Post by Richard720 » 27 Apr 2015 22:11

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-04-2015 01
Ran by doma at 2015-04-27 22:05:08 Run:1
Running from C:\Users\doma\Desktop
Loaded Profiles: doma (Available profiles: doma)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Task: {B33EC31E-DE59-4B5B-8599-A9D1B7A9C122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
C:\Program Files (x86)\Kaspersky Lab

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 aswMBR; \??\C:\Users\doma\AppData\Local\Temp\aswMBR.sys [X]

C:\Users\doma\Desktop\aswmbr.exe
C:\ProgramData\Kaspersky Lab Setup Files
C:\ProgramData\RogueKiller
C:\ProgramData\mtbjfghn.xbe
C:\Windows\Tasks\*.job

CMD: bitsadmin /reset /allusers
CMD: dir %appdata%
CMD: dir %localappdata%

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B33EC31E-DE59-4B5B-8599-A9D1B7A9C122} => Key not found.
C:\Windows\System32\Tasks\CCleanerSkipUAC not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value not found.
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\Software\Microsoft\Windows\CurrentVersion\Run\\KSS => value deleted successfully.
"C:\Program Files (x86)\Kaspersky Lab" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1671680633-972831637-2107977362-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-1671680633-972831637-2107977362-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
VGPU => Service deleted successfully.
aswMBR => Service deleted successfully.
C:\Users\doma\Desktop\aswmbr.exe => Moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files => Moved successfully.
C:\ProgramData\RogueKiller => Moved successfully.
C:\ProgramData\mtbjfghn.xbe => Moved successfully.
C:\Windows\Tasks\*.job => Moved successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= dir %appdata% =========

Volume in drive C has no label.
Volume Serial Number is 00B6-9F3B

Directory of C:\Users\doma\AppData\Roaming

26.04.2015 21:22 <DIR> .
26.04.2015 21:22 <DIR> ..
04.03.2015 17:03 <DIR> .minecraft
05.11.2014 19:07 <DIR> Adobe
31.12.2001 23:16 <DIR> ATI
10.11.2014 18:39 <DIR> AVAST Software
20.10.2014 10:53 <DIR> Battle.net
01.09.2014 14:24 <DIR> Carambis
10.11.2014 18:50 <DIR> Dropbox
26.09.2014 16:37 <DIR> Genius X-G500
04.12.2014 20:00 <DIR> GHISLER
31.12.2001 22:56 <DIR> Identities
17.10.2014 18:38 <DIR> Injustice
04.01.2015 16:52 <DIR> InstallShield
07.12.2014 18:49 <DIR> java
01.01.2002 00:17 <DIR> LolClient
01.01.2002 00:17 <DIR> Macromedia
12.04.2011 10:28 <DIR> Media Center Programs
01.09.2014 14:25 <DIR> Mozilla
08.10.2014 19:13 <DIR> OBS
31.12.2001 23:26 <DIR> Opera Software
05.12.2014 16:46 <DIR> PC Remote
31.12.2001 23:28 <DIR> Riot Games
27.04.2015 18:32 <DIR> Skype
27.04.2015 18:29 <DIR> Spotify
28.09.2014 22:18 <DIR> Steam
16.10.2014 21:35 <DIR> Trine2
27.04.2015 20:03 <DIR> TS3Client
27.02.2015 14:20 <DIR> Unity
24.04.2015 20:10 <DIR> uTorrent
28.01.2015 22:57 <DIR> vlc
10.09.2014 20:01 <DIR> WinRAR
29.03.2015 14:45 <DIR> WizardWars
01.09.2014 14:29 <DIR> Yandex
0 File(s) 0 bytes
34 Dir(s) 68 701 298 688 bytes free

========= End of CMD: =========


========= dir %localappdata% =========

Volume in drive C has no label.
Volume Serial Number is 00B6-9F3B

Directory of C:\Users\doma\AppData\Local

27.04.2015 00:50 <DIR> .
27.04.2015 00:50 <DIR> ..
25.04.2015 12:38 <DIR> 1BN_Software_&_IT_Solutio
10.01.2015 22:00 <DIR> Adobe
29.03.2015 14:14 <DIR> Akamai
31.12.2001 23:16 <DIR> AMD
31.12.2001 23:16 <DIR> ATI
27.04.2015 22:02 <DIR> Battle.net
24.04.2015 20:36 <DIR> BlackHole
01.09.2014 17:53 <DIR> Blizzard
01.09.2014 17:17 <DIR> Blizzard Entertainment
01.09.2014 14:25 <DIR> Chromium
02.04.2015 00:35 <DIR> Diagnostics
17.09.2014 13:08 111 920 GDIPFONTCACHEV1.DAT
14.12.2014 10:54 <DIR> Glyph
01.09.2014 15:04 <DIR> Google
30.11.2014 23:35 <DIR> id Software
04.12.2014 19:39 <DIR> Launcher
11.10.2014 13:52 <DIR> LogMeIn
02.04.2015 00:31 <DIR> Microsoft
10.09.2014 20:09 <DIR> Microsoft Help
31.12.2001 23:26 <DIR> Opera Software
16.09.2014 23:10 <DIR> Programs
01.09.2014 16:12 <DIR> Skype
29.09.2014 22:19 <DIR> Skyrim
27.04.2015 18:32 <DIR> Spotify
19.02.2015 15:38 <DIR> Steam
27.04.2015 22:05 <DIR> Temp
14.10.2014 19:27 <DIR> The Witcher 2
27.02.2015 14:16 <DIR> Unity
25.04.2015 22:47 <DIR> VirtualStore
01.09.2014 14:29 <DIR> Yandex
1 File(s) 111 920 bytes
31 Dir(s) 68 701 294 592 bytes free

========= End of CMD: =========

EmptyTemp: => Removed 399 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:05:56 ====
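
An added example (not part of the original thread and not FRST's own code) for triaging a Fixlog like the one above: it skips the echoed fixlist and the CMD output sections, then tags each result line as deleted, moved, restored or not found. The function names and the embedded sample are constructed for illustration, and the matched phrasings are only those visible in this thread's log.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog assembled from lines in the post above.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
Start
C:\ProgramData\RogueKiller
End
*****************
Processes closed successfully.
C:\Windows\System32\Tasks\CCleanerSkipUAC not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"C:\Program Files (x86)\Kaspersky Lab" => File/Directory not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
aswMBR => Service deleted successfully.
C:\ProgramData\RogueKiller => Moved successfully.
========= dir %appdata% =========
01.09.2014 14:29 <DIR> Yandex
========= End of CMD: =========
==== End of Fixlog 22:05:56 ====
"""

# Result phrasings as they appear in this thread's Fixlog (not an FRST spec).
OUTCOMES = [
    ("not_found", re.compile(r"not found\.$", re.I)),
    ("deleted", re.compile(r"=> .*deleted successfully\.$", re.I)),
    ("moved", re.compile(r"=> Moved successfully\.$", re.I)),
    ("restored", re.compile(r"=> .*restored successfully\.$", re.I)),
]

def classify_fixlog(text):
    """Return (outcome, target) pairs for the result lines of a Fixlog."""
    results, in_fixlist, in_cmd = [], False, False
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*****"):         # delimiters of the echoed fixlist
            in_fixlist = not in_fixlist
        elif line.startswith("========= "):  # CMD output section header/footer
            in_cmd = not line.startswith("========= End of CMD")
        elif line and not (in_fixlist or in_cmd):
            for outcome, pattern in OUTCOMES:
                if pattern.search(line):
                    target = re.split(r" => | not found\.$", line)[0].strip('"')
                    results.append((outcome, target))
                    break
    return results

def summarize(text):
    return Counter(outcome for outcome, _ in classify_fixlog(text))
```

Entries tagged not_found were already absent when the fix ran, which is consistent with the CCleaner task having gone with the uninstall requested earlier in the thread.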


Re: Slow PC + Virus

Post by mople71 » 27 Apr 2015 22:23

Great. :-)


Using the same procedure as above, apply another fixlist for FRST; its contents are:

Code:

Start
C:\Users\doma\AppData\Local\Yandex
C:\Users\doma\AppData\Roaming\PC Remote
C:\Users\doma\AppData\Roaming\Yandex
End


You don't even need to post the fixlog; the PC won't restart.


So let's get on with the cleanup:

Download DelFix: https://toolslib.net/downloads/viewdownload/2-delfix/

In it, tick Remove disinfection tools and Purge system restore, then click Run.

Then please post its log.

--------------------------------------------------------------

Download SecurityCheck: http://www.bleepingcomputer.com/download/securitycheck/

Save it to the Desktop, run it as Administrator, click through the prompts and let it work. When the scan finishes, a log will pop up; please paste its contents here.

Re: Slow PC + Virus

Post by Richard720 » 28 Apr 2015 12:40

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-04-2015 01
Ran by doma at 2015-04-28 12:38:58 Run:2
Running from C:\Users\doma\Desktop
Loaded Profiles: doma (Available profiles: doma)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\doma\AppData\Local\Yandex
C:\Users\doma\AppData\Roaming\PC Remote
C:\Users\doma\AppData\Roaming\Yandex
End
*****************

C:\Users\doma\AppData\Local\Yandex => Moved successfully.
C:\Users\doma\AppData\Roaming\PC Remote => Moved successfully.
C:\Users\doma\AppData\Roaming\Yandex => Moved successfully.

==== End of Fixlog 12:38:58 ====

Re: Slow PC + Virus

Post by Richard720 » 28 Apr 2015 12:42

# DelFix v1.010 - Logfile created 28/04/2015 at 12:41:25
# Updated 26/04/2015 by Xplode
# Username : doma - DOMA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\doma\Desktop\Addition.txt
Deleted : C:\Users\doma\Desktop\aswMBR LOG.txt
Deleted : C:\Users\doma\Desktop\Fixlog.txt
Deleted : C:\Users\doma\Desktop\FRST.txt
Deleted : C:\Users\doma\Desktop\FRST64.exe
Deleted : C:\Users\doma\Desktop\MBR.dat
Deleted : C:\Users\doma\Desktop\Rkill.txt
Deleted : C:\Users\doma\Downloads\HijackThis.exe
Deleted : C:\Users\doma\Downloads\hijackthis.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #94 [Scheduled Checkpoint | 03/28/2015 16:48:58]
Deleted : RP #95 [Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 | 03/29/2015 12:43:22]
Deleted : RP #96 [Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 | 03/29/2015 12:44:03]
Deleted : RP #97 [Windows Update | 03/31/2015 12:24:18]
Deleted : RP #98 [Windows Update | 04/03/2015 16:10:33]
Deleted : RP #99 [Windows Update | 04/05/2015 01:14:52]
Deleted : RP #100 [Windows Update | 04/10/2015 08:28:27]
Deleted : RP #101 [Windows Update | 04/14/2015 11:19:05]
Deleted : RP #102 [Windows Update | 04/16/2015 00:03:58]
Deleted : RP #103 [Windows Update | 04/21/2015 11:25:57]
Deleted : RP #104 [Uniblue PC Mechanic installation | 04/25/2015 10:37:57]
Deleted : RP #105 [zoek.exe restore point | 04/26/2015 19:19:16]
Deleted : RP #107 [Restore Point Created by FRST | 04/27/2015 20:05:20]
Deleted : RP #108 [Windows Update | 04/28/2015 10:33:52]

New restore point created !

########## - EOF - ##########

Re: Slow PC + Virus

Post by Richard720 » 28 Apr 2015 12:53

Results of screen317's Security Check version 1.00
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 11
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Google Chrome (41.0.2272.118)
Google Chrome (42.0.2311.90)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast avastui.exe
AVAST Software Avast ng ngservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````


Re: Slow PC + Virus

Post by mople71 » 28 Apr 2015 13:59

Update Java; you can use e.g. JavaRa: http://sourceforge.net/projects/javara/

If there are no problems or questions, that's all from my side and you can mark the thread as Solved. ;)

Re: Slow PC + Virus

Post by Richard720 » 28 Apr 2015 14:49

OK, thank you very much :)

