spowolnione działanie komputera

[Dann]

System zaczął bardzo wolno chodzić.Nie mam pojęcia co może być powodem. Chciałbym przeprowadzić dokładne skanowanie komputera, po czym usunąć ewentualne, nie pożądane pliki .Prosiłbym o diagnozę raportów.

 

Za pomoc z góry dziękuje i pozdrawiam.

 

  

 

[jessica]

1) Otwórz Notatnik i wklej w nim:

 

globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== UWAGA

Task: {92DB743B-DF35-49FA-AF36-704C50D5F8C5} - System32\Tasks\SiegmundPathologicalDeparturesV2 => Rundll32.exe ShamblesCarburetors.dll,main 7 1 <==== UWAGA
Task: {953D30D4-8C02-4347-8F7E-512F0EE51819} - System32\Tasks\AdministratorWithiesInsanitiesV2 => Rundll32.exe MaystDesecrations.dll,main 7 1 <==== UWAGA

C:\Users\Administrator\AppData\Local\WithiesInsanities\MaystDesecrations.dll

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

 

2) Spróbuj odinstalować te programy:

globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== UWAGA
AnySend (HKLM-x32\...\ASPackage) (Version:  - CMI Limited) <==== UWAGA
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.13.1.0 - Ask.com) <==== UWAGA

BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - ) <==== UWAGA
CinemaPlus-3.2cV22.09 (HKLM-x32\...\CinemaPlus-3.2cV22.09) (Version: 1.36.01.22 - Cinema PlusV22.09) <==== UWAGA

Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== UWAGA
GamesDesktop 008.005010093 (HKLM-x32\...\gmsd_pl_005010093_is1) (Version:  - GAMESDESKTOP) <==== UWAGA
GamesDesktop 008.005010095 (HKLM-x32\...\gmsd_pl_005010095_is1) (Version:  - GAMESDESKTOP) <==== UWAGA
GamesDesktop 008.005010099 (HKLM-x32\...\gmsd_pl_005010099_is1) (Version:  - GAMESDESKTOP) <==== UWAGA

GoHD (HKLM-x32\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== UWAGA

jogotempo 3.4 (HKLM-x32\...\jogotempo) (Version: 3.4 - DN) <==== UWAGA
MyBestOffersToday 008.014010091 (HKLM-x32\...\mbot_pl_014010091_is1) (Version:  - MYBESTOFFERSTODAY) <==== UWAGA
MyBrowser (HKLM-x32\...\MyBrowser) (Version: 39.5.2171.95 - The MyBrowser Authors) <==== UWAGA

oursurfing (HKLM-x32\...\oursurfing) (Version: 1.0.0.1 - ) <==== UWAGA

PriceFountain (HKU\S-1-5-21-721309439-3976775549-3943258617-500\...\WithiesInsanities) (Version:  - ) <==== UWAGA

RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - systweak.com) <==== UWAGA
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - ) <==== UWAGA
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== UWAGA
Space Bar Use (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Space Bar Use) <==== UWAGA

Update for PriceFountain (HKU\S-1-5-21-721309439-3976775549-3943258617-500\...\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}) (..) <==== UWAGA

WordWizard 1.10.0.24 (HKLM-x32\...\WordWizard_1.10.0.24) (Version: 1.10.0.24 - WordWizard) <==== UWAGA

 

3) Użyj >Adw-cleaner
najpierw kliknij na SKANUJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego "C"

 

4) Zrób nowe logi FRST.

Przed skanem zaznacz "Addition.txt" oraz "Shortcut.txt"

 

jessi

[Dann]

Dziękuje, podziałało. 

 

A to nowe logi:

 

 

 

         

 

 

 

 

[jessica]

Update for PriceFountain (HKU\S-1-5-21-721309439-3976775549-3943258617-500\...\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}) (Version:  - Update for PriceFountain) <==== UWAGA

Ten program jeszcze jest na liście Twoich programów.

Sprawdź, czy w rzeczywistości też jeszcze jest?

PriceFountain (HKU\S-1-5-21-721309439-3976775549-3943258617-500\...\WithiesInsanities) (Version:  - ) <==== UWAGA

ten też

 

Otwórz Notatnik i wklej w nim:

 

 

Task: {359E018A-877F-4F47-95F1-D474A1671F77} - System32\Tasks\{756DB69D-8DFB-42E8-BD4D-C8AEFA23A8A2} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\The Godfather The Game\EAUninstall.exe"

Task: {59C083DD-B773-4E85-A432-B986E1D54F63} - System32\Tasks\{BB625EA7-7ECC-4796-B17E-35A196FA7F60} => pcalua.exe -a "C:\Max Payne Duo\Max Payne Dubbing PL\MAX-FX\setup\Setup.exe" -d "C:\Max Payne Duo\Max Payne Dubbing PL\MAX-FX\setup"

Task: {A0DA1539-7712-4945-8475-5347C4B80131} - System32\Tasks\{A1C02B8E-3E94-4FE2-B952-91EF114B4D79} => pcalua.exe -a E:\English\setup.exe -d E:\English

Task: {42537C9B-63C0-446F-911B-DFF7C16720B5} - System32\Tasks\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD} => C:\Users\Administrator\AppData\Roaming\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}\sync.exe [2013-04-16] () <==== UWAGA

RemoveDirectory: C:\Users\Administrator\AppData\Roaming\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}

C:\Users\Public\Desktop\Zakup Online.lnk

GroupPolicy: Ograniczenia - Chrome <======= UWAGA

ProxyServer: [s-1-5-21-721309439-3976775549-3943258617-500] => http=127.0.0.1:8080;https=127.0.0.1:8080

ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.aqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.aqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

SearchScopes: HKU\S-1-5-21-721309439-3976775549-3943258617-500 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKU\S-1-5-21-721309439-3976775549-3943258617-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-721309439-3976775549-3943258617-500 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-28] <==== UWAGA (Linkuje do pliku *.cfg)

StartMenuInternet: Google Chrome.35QUAFRYTTK2PRTZNNGNEBOLFM - C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

StartMenuInternet: Google Chrome.4C3POT2B2QCPGSGQPH4T3KNDY4 - C:\Users\Siegmund\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Administrator\Downloads\CCleaner-13061-dp.exe

C:\Users\Administrator\AppData\Local\Microsoft\Windows\GameExplorer\{30C8D977-B58F-4949-9821-3442B7E6B31D}\PlayTasks\0\Play.lnk

DeleteKey: HKU\S-1-5-21-721309439-3976775549-3943258617-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}

DeleteKey: HKU\S-1-5-21-721309439-3976775549-3943258617-500\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}

DeleteKey: HKU\S-1-5-21-721309439-3976775549-3943258617-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WithiesInsanities

DeleteKey: HKU\S-1-5-21-721309439-3976775549-3943258617-500\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WithiesInsanities

RemoveDirectory: C:\Users\Administrator\AppData\Roaming\{42F6EE27-ADC6-46A4-4366-7F73052DD2BD}

RemoveDirectory: C:\Users\Administrator\AppData\Local\WithiesInsanities

2016-06-14 04:24 - 2011-09-16 15:12 - 0143240 _____ (Ask.com) C:\Program Files (x86)\Common Files\ApnStub.exe

2016-06-14 04:24 - 2011-09-16 15:12 - 3623592 _____ (Ask) C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser\MyBrowser.lnk

RemoveDirectory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser

RemoveDirectory: C:\Program Files (x86)\MyBrowser

ShortcutWithArgument: C:\Users\Administrator\Desktop\Google Chrome.lnk -> C:\Users\Siegmund\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\Users\Siegmund\Desktop\Google Chrome.lnk -> C:\Users\Siegmund\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Users\Siegmund\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.aqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443462685

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.aqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443462685

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.aqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443462685

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.aqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443462685

ShortcutWithArgument: C:\Users\Siegmund\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.qqovd.com?oem=sunadplv3&uid=82HDP06YT_MQ01ABD032&tm=1443459457

ShortcutWithArgument: C:\Users\Administrator\AppData\Local\WithiesInsanities\allegro.pl .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Administrator\AppData\Local\WithiesInsanities\allegro.pl.smenu.URL

ShortcutWithArgument: C:\Users\Administrator\AppData\Local\WithiesInsanities\allegro.pl.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Administrator\AppData\Local\WithiesInsanities\allegro.pl.tbar.URL

ShortcutWithArgument: C:\Users\Administrator\AppData\Local\WithiesInsanities\Booking .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Administrator\AppData\Local\WithiesInsanities\Booking.smenu.URL

ShortcutWithArgument: C:\Users\Administrator\AppData\Local\WithiesInsanities\Booking.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Administrator\AppData\Local\WithiesInsanities\Booking.tbar.URL

InternetURL: C:\Users\Administrator\AppData\Local\WithiesInsanities\allegro.pl.smenu.URL -> URL: hxxp://redirect.pmcdn.info/pfintermediate.html?type=quick&topic=iconStartmenuclick&partner=ironpf2&destination=allegro.pl&uid=9bf6d3e7d64a6fe1c8cfae23fc646e58&country=PL&storeKey=allegro.pl

InternetURL: C:\Users\Administrator\AppData\Local\WithiesInsanities\allegro.pl.tbar.URL -> URL: hxxp://redirect.pmcdn.info/pfintermediate.html?type=quick&topic=iconTaskbarclick&partner=ironpf2&destination=allegro.pl&uid=9bf6d3e7d64a6fe1c8cfae23fc646e58&country=PL&storeKey=allegro.pl

InternetURL: C:\Users\Administrator\AppData\Local\WithiesInsanities\Booking.smenu.URL -> URL: hxxp://redirect.pmcdn.info/pfintermediate.html?type=quick&topic=iconStartmenuclick&partner=ironpf2&destination=Booking&uid=9bf6d3e7d64a6fe1c8cfae23fc646e58&country=PL&storeKey=Booking

InternetURL: C:\Users\Administrator\AppData\Local\WithiesInsanities\Booking.tbar.URL -> URL: hxxp://redirect.pmcdn.info/pfintermediate.html?type=quick&topic=iconTaskbarclick&partner=ironpf2&destination=Booking&uid=9bf6d3e7d64a6fe1c8cfae23fc646e58&country=PL&storeKey=Booking

EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe

Uruchom FRST i kliknij przycisk Fix (NAPRAW).

 

Zrób nowe logi FRST.

 

jessi

 

[Dann]

Proszę,nowe logi:

 

  

[jessica]

Otwórz Notatnik i wklej w nim:

 

Task: {33FDECC8-62C0-47C6-829B-571614EFDBAD} - System32\Tasks\B43571D-E06E-4B4F-99D-4E933C779AC => C:\Users\Siegmund\AppData\Local\B43571D-E06E-4B4F-99D-4E933C779AC\B43571D-E06E-4B4F-99D-4E933C779AC.exe <==== UWAGA
:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
RemoveDirectory: C:\Users\Siegmund\AppData\Local\B43571D-E06E-4B4F-99D-4E933C779AC
C:\Users\Siegmund\AppData\Local\Microsoft\Windows\GameExplorer\{30C8D977-B58F-4949-9821-3442B7E6B31D}\PlayTasks\0\Play.lnk
C:\Users\Siegmund\AppData\Local\Microsoft\Windows\GameExplorer\{508FC612-CFB9-49EE-A496-FF6845E8276F}\PlayTasks\0\Play.lnk
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

 

Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

 

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix (NAPRAW).
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
 

Jeśli natomiast problem nie zniknie, to zaczekasz na @Picasso (napisała, że dziś od rana będzie pomagać, ale w tej chwili nie widzę tej pomocy).https://www.fixitpc.pl/topic/29279-zg%C5%82oszenia-temat%C3%B3w-bez-odpowiedzi/

 

jessi

[Dann]

        

[jessica]

Poprawka (z mojej winy) :

Otwórz Notatnik i wklej w nim:

 

C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

 

jessi

[Dann]

Twoja pomoc jest dla mnie nieoceniona.

Dziękuje ci bardzo za pomoc i poświęcony mi czas:)