
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Problems with an HP Pavilion notebook
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
I bought an HP Pavilion notebook from Datart about 2 years ago.
The notebook keeps freezing, the mouse does whatever it wants, web pages switch by themselves, pages zoom in and out, there are small circles by the mouse pointer that move and jump around, at the moment the mouse cannot be controlled at all, and it does this even after a restart, within roughly 30 minutes.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by PC-HP.Pavilion (administrator) on PC-HP (02-10-2015 18:12:35)
Running from C:\Users\PC-HP.Pavilion\Desktop
Loaded Profiles: PC-HP.Pavilion (Available Profiles: PC-HP.Pavilion)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Pokki) C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pokki) C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(ESET) C:\Config.Msi\53da5.rbf
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-10] ()
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\PC-HP.Pavilion\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [Google Update] => C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\RunOnce: [Application Restart #2] => C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /M:19e4772c934 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A496B595-FBFD-4F15-BEBF-B3A13F61139F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\PC-HP.Pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=3 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=9 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: google.com/WidevineMediaOptimizer -> C:\Users\PC-HP.Pavilion\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Disk Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (YouTube) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Vyhledávání Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-02]
CHR Extension: (Gmail) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-06-20] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [37632 2013-06-01] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [29952 2013-07-20] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-04-11] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-07-20] (Broadcom Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-03-29] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 edevmon; system32\DRIVERS\edevmon.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-02 18:12 - 2015-10-02 18:13 - 00016650 _____ C:\Users\PC-HP.Pavilion\Desktop\FRST.txt
2015-10-02 18:11 - 2015-10-02 18:12 - 00000000 ____D C:\FRST
2015-10-02 18:10 - 2015-10-02 18:10 - 02192384 _____ (Farbar) C:\Users\PC-HP.Pavilion\Desktop\FRST64.exe
2015-10-02 17:34 - 2015-10-02 17:50 - 00021525 _____ C:\Windows\WindowsUpdate.log
2015-10-02 17:32 - 2015-10-02 17:32 - 00045468 _____ C:\Users\PC-HP.Pavilion\Downloads\cc_20151002_173237.reg
2015-09-28 17:19 - 2015-09-28 17:19 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-23 14:27 - 2015-09-12 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-23 14:27 - 2015-09-12 15:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-09-17 22:44 - 2015-09-17 22:54 - 1978720256 _____ C:\Users\PC-HP.Pavilion\Downloads\Vedlejší účinky .(2013) HQ CZ Dabing.avi
2015-09-08 22:50 - 2015-09-02 15:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 22:50 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:50 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 22:50 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 22:50 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 22:50 - 2015-07-18 21:30 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-08 22:50 - 2015-07-03 15:33 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-08 22:50 - 2015-07-03 15:23 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-09-08 22:46 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:46 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 22:46 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 22:46 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:46 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-02 18:16 - 2014-01-05 20:05 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 18:10 - 2014-01-05 21:27 - 00000000 ____D C:\Users\PC-HP.Pavilion\AppData\Local\Pokki
2015-10-02 18:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-10-02 17:41 - 2014-01-09 22:32 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-553041264-3858676470-1185905030-1002
2015-10-02 17:39 - 2014-01-30 00:08 - 00013312 ___SH C:\Users\PC-HP.Pavilion\Desktop\Thumbs.db
2015-10-02 17:36 - 2014-01-05 20:05 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 17:36 - 2013-03-22 10:00 - 00000983 _____ C:\Windows\SysWOW64\bscs.ini
2015-10-02 17:36 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-02 17:36 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-02 17:27 - 2015-04-13 11:13 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-02 17:19 - 2014-10-08 13:44 - 00001010 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job
2015-10-02 15:55 - 2013-07-20 20:33 - 00755956 _____ C:\Windows\system32\perfh005.dat
2015-10-02 15:55 - 2013-07-20 20:33 - 00162886 _____ C:\Windows\system32\perfc005.dat
2015-10-02 15:55 - 2012-07-26 09:28 - 01851486 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-02 12:24 - 2013-08-27 15:59 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-30 23:57 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2015-09-30 15:35 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-09-29 22:23 - 2014-01-05 18:37 - 00000000 ____D C:\Users\PC-HP.Pavilion
2015-09-29 18:47 - 2014-01-05 20:05 - 00000000 ____D C:\Users\PC-HP.Pavilion\AppData\Local\Google
2015-09-28 23:22 - 2014-01-05 20:06 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 10:19 - 2014-10-08 13:44 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job
2015-09-24 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 11:27 - 2015-08-12 12:27 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-23 11:27 - 2015-04-13 11:13 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-17 23:07 - 2015-02-11 22:09 - 00811472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-17 23:07 - 2015-02-11 22:09 - 00177616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 10:14 - 2014-10-08 13:44 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA
2015-09-17 10:14 - 2014-10-08 13:44 - 00003594 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core
2015-09-15 00:11 - 2015-07-16 13:57 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 00:11 - 2014-01-05 20:05 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 23:32 - 2015-03-22 12:21 - 00291688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-14 23:30 - 2015-08-28 01:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-14 23:30 - 2015-06-11 00:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 23:46 - 2014-08-09 14:09 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 23:20 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-01-05 23:37 - 2015-01-05 23:37 - 0000000 _____ () C:\Users\PC-HP.Pavilion\AppData\Local\{1C4A3413-DED2-4A5B-9DBD-A3E27C847776}
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 18:44
==================== End of FRST.txt ============================
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-10] ()
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\PC-HP.Pavilion\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [Google Update] => C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\RunOnce: [Application Restart #2] => C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /M:19e4772c934 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A496B595-FBFD-4F15-BEBF-B3A13F61139F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\PC-HP.Pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=3 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=9 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: google.com/WidevineMediaOptimizer -> C:\Users\PC-HP.Pavilion\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Disk Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (YouTube) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Vyhledávání Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-02]
CHR Extension: (Gmail) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-06-20] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [37632 2013-06-01] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [29952 2013-07-20] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-04-11] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-07-20] (Broadcom Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-03-29] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 edevmon; system32\DRIVERS\edevmon.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-02 18:12 - 2015-10-02 18:13 - 00016650 _____ C:\Users\PC-HP.Pavilion\Desktop\FRST.txt
2015-10-02 18:11 - 2015-10-02 18:12 - 00000000 ____D C:\FRST
2015-10-02 18:10 - 2015-10-02 18:10 - 02192384 _____ (Farbar) C:\Users\PC-HP.Pavilion\Desktop\FRST64.exe
2015-10-02 17:34 - 2015-10-02 17:50 - 00021525 _____ C:\Windows\WindowsUpdate.log
2015-10-02 17:32 - 2015-10-02 17:32 - 00045468 _____ C:\Users\PC-HP.Pavilion\Downloads\cc_20151002_173237.reg
2015-09-28 17:19 - 2015-09-28 17:19 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-23 14:27 - 2015-09-12 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-23 14:27 - 2015-09-12 15:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-09-17 22:44 - 2015-09-17 22:54 - 1978720256 _____ C:\Users\PC-HP.Pavilion\Downloads\Vedlejší účinky .(2013) HQ CZ Dabing.avi
2015-09-08 22:50 - 2015-09-02 15:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 22:50 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:50 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 22:50 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 22:50 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 22:50 - 2015-07-18 21:30 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-08 22:50 - 2015-07-03 15:33 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-08 22:50 - 2015-07-03 15:23 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-09-08 22:46 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:46 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 22:46 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 22:46 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:46 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-02 18:16 - 2014-01-05 20:05 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 18:10 - 2014-01-05 21:27 - 00000000 ____D C:\Users\PC-HP.Pavilion\AppData\Local\Pokki
2015-10-02 18:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-10-02 17:41 - 2014-01-09 22:32 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-553041264-3858676470-1185905030-1002
2015-10-02 17:39 - 2014-01-30 00:08 - 00013312 ___SH C:\Users\PC-HP.Pavilion\Desktop\Thumbs.db
2015-10-02 17:36 - 2014-01-05 20:05 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 17:36 - 2013-03-22 10:00 - 00000983 _____ C:\Windows\SysWOW64\bscs.ini
2015-10-02 17:36 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-02 17:36 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-02 17:27 - 2015-04-13 11:13 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-02 17:19 - 2014-10-08 13:44 - 00001010 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job
2015-10-02 15:55 - 2013-07-20 20:33 - 00755956 _____ C:\Windows\system32\perfh005.dat
2015-10-02 15:55 - 2013-07-20 20:33 - 00162886 _____ C:\Windows\system32\perfc005.dat
2015-10-02 15:55 - 2012-07-26 09:28 - 01851486 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-02 12:24 - 2013-08-27 15:59 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-30 23:57 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2015-09-30 15:35 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-09-29 22:23 - 2014-01-05 18:37 - 00000000 ____D C:\Users\PC-HP.Pavilion
2015-09-29 18:47 - 2014-01-05 20:05 - 00000000 ____D C:\Users\PC-HP.Pavilion\AppData\Local\Google
2015-09-28 23:22 - 2014-01-05 20:06 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 10:19 - 2014-10-08 13:44 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job
2015-09-24 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 11:27 - 2015-08-12 12:27 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-23 11:27 - 2015-04-13 11:13 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-17 23:07 - 2015-02-11 22:09 - 00811472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-17 23:07 - 2015-02-11 22:09 - 00177616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 10:14 - 2014-10-08 13:44 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA
2015-09-17 10:14 - 2014-10-08 13:44 - 00003594 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core
2015-09-15 00:11 - 2015-07-16 13:57 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 00:11 - 2014-01-05 20:05 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 23:32 - 2015-03-22 12:21 - 00291688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-14 23:30 - 2015-08-28 01:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-14 23:30 - 2015-06-11 00:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 23:46 - 2014-08-09 14:09 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 23:20 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-01-05 23:37 - 2015-01-05 23:37 - 0000000 _____ () C:\Users\PC-HP.Pavilion\AppData\Local\{1C4A3413-DED2-4A5B-9DBD-A3E27C847776}
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 18:44
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problems with an HP Pavilion notebook
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Problems with an HP Pavilion notebook
# AdwCleaner v5.009 - Logfile created 04/10/2015 at 04:39:48
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 8 (x64)
# Username : PC-HP.Pavilion - PC-HP
# Running from : C:\Users\PC-HP.Pavilion\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : PanService
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\Mobogenie
[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\AppData\Local\genienext
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\AppData\Local\pokki
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\AppData\Roaming\newnext.me
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[-] Folder Deleted : C:\Users\PC-HP.Pavilion\Documents\Mobogenie
***** [ Files ] *****
[-] File Deleted : C:\Users\PC-HP.Pavilion\daemonprocess.txt
[-] File Deleted : C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\PC-HP.Pavilion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk
[-] File Deleted : C:\Users\PC-HP.Pavilion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Menu.lnk
[-] File Deleted : C:\Users\PC-HP.Pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : Pokki
[-] Task Deleted : Adobe Flash Player Updater
[-] Task Deleted : Pokki
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Pokki
***** [ Web browsers ] *****
[-] [C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : spokojenypes.cz
[-] [C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bopakagnckmlgajfccecajhnimjiiedh
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3499 bytes] ##########
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problems with the HP Pavilion notebook
Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Problems with the HP Pavilion notebook
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
Ran by PC-HP.Pavilion (administrator) on PC-HP (04-10-2015 13:34:50)
Running from C:\Users\PC-HP.Pavilion\Downloads
Loaded Profiles: PC-HP.Pavilion (Available Profiles: PC-HP.Pavilion)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [Google Update] => C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\RunOnce: [Application Restart #2] => C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --di (the data entry has 589 more characters).
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /M:19e4772c934 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A496B595-FBFD-4F15-BEBF-B3A13F61139F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\PC-HP.Pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=3 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=9 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: google.com/WidevineMediaOptimizer -> C:\Users\PC-HP.Pavilion\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Disk Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (YouTube) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Vyhledávání Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-02]
CHR Extension: (Gmail) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-06-20] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [37632 2013-06-01] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [29952 2013-07-20] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-04-11] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-07-20] (Broadcom Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-03-29] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 13:34 - 2015-10-04 13:35 - 00015723 _____ C:\Users\PC-HP.Pavilion\Downloads\FRST.txt
2015-10-04 13:32 - 2015-10-04 13:32 - 00112640 _____ (forum.viry.cz) C:\Users\PC-HP.Pavilion\Downloads\Nepotvrzeno 853844.crdownload
2015-10-04 13:29 - 2015-10-04 13:29 - 00112640 _____ (forum.viry.cz) C:\Users\PC-HP.Pavilion\Downloads\Nepotvrzeno 782932.crdownload
2015-10-04 13:26 - 2015-10-04 13:26 - 00112640 _____ (forum.viry.cz) C:\Users\PC-HP.Pavilion\Downloads\Nepotvrzeno 382064.crdownload
2015-10-04 13:25 - 2015-10-04 13:25 - 02193408 _____ (Farbar) C:\Users\PC-HP.Pavilion\Downloads\FRST64.exe
2015-10-04 04:27 - 2015-10-04 04:39 - 00000000 ____D C:\AdwCleaner
2015-10-04 04:26 - 2015-10-04 04:26 - 01670656 _____ C:\Users\PC-HP.Pavilion\Desktop\adwcleaner_5.009.exe
2015-10-02 18:17 - 2015-10-02 18:21 - 00029415 _____ C:\Users\PC-HP.Pavilion\Desktop\Addition.txt
2015-10-02 18:12 - 2015-10-02 18:21 - 00029054 _____ C:\Users\PC-HP.Pavilion\Desktop\FRST.txt
2015-10-02 18:11 - 2015-10-04 13:34 - 00000000 ____D C:\FRST
2015-10-02 18:10 - 2015-10-02 18:10 - 02192384 _____ (Farbar) C:\Users\PC-HP.Pavilion\Desktop\FRST64.exe
2015-10-02 17:34 - 2015-10-04 13:31 - 00288064 _____ C:\Windows\WindowsUpdate.log
2015-10-02 17:32 - 2015-10-02 17:32 - 00045468 _____ C:\Users\PC-HP.Pavilion\Downloads\cc_20151002_173237.reg
2015-09-28 17:19 - 2015-09-28 17:19 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-23 14:27 - 2015-09-12 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-23 14:27 - 2015-09-12 15:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-09-17 22:44 - 2015-09-17 22:54 - 1978720256 _____ C:\Users\PC-HP.Pavilion\Downloads\Vedlejší účinky .(2013) HQ CZ Dabing.avi
2015-09-08 22:50 - 2015-09-02 15:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 22:50 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:50 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 22:50 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 22:50 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 22:50 - 2015-07-18 21:30 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-08 22:50 - 2015-07-03 15:33 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-08 22:50 - 2015-07-03 15:23 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-09-08 22:46 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:46 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 22:46 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 22:46 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:46 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 13:25 - 2014-01-09 22:32 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-553041264-3858676470-1185905030-1002
2015-10-04 13:06 - 2013-08-27 15:59 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-10-04 12:50 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-10-04 11:20 - 2014-10-08 13:44 - 00001010 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job
2015-10-04 11:16 - 2014-01-05 20:05 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-04 11:15 - 2014-01-05 20:05 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 11:15 - 2013-03-22 10:00 - 00000983 _____ C:\Windows\SysWOW64\bscs.ini
2015-10-04 11:15 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-04 11:14 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-04 05:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-10-04 05:04 - 2013-07-20 20:33 - 00755956 _____ C:\Windows\system32\perfh005.dat
2015-10-04 05:04 - 2013-07-20 20:33 - 00162886 _____ C:\Windows\system32\perfc005.dat
2015-10-04 05:04 - 2012-07-26 09:28 - 01851486 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-04 04:40 - 2014-01-05 18:37 - 00000000 ____D C:\Users\PC-HP.Pavilion
2015-10-04 04:40 - 2013-08-27 15:59 - 00001327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2015-10-03 14:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2015-10-02 17:39 - 2014-01-30 00:08 - 00013312 ___SH C:\Users\PC-HP.Pavilion\Desktop\Thumbs.db
2015-09-30 15:35 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-09-29 18:47 - 2014-01-05 20:05 - 00000000 ____D C:\Users\PC-HP.Pavilion\AppData\Local\Google
2015-09-28 23:22 - 2014-01-05 20:06 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 10:19 - 2014-10-08 13:44 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job
2015-09-24 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 11:27 - 2015-08-12 12:27 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-17 23:07 - 2015-02-11 22:09 - 00811472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-17 23:07 - 2015-02-11 22:09 - 00177616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 10:14 - 2014-10-08 13:44 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA
2015-09-17 10:14 - 2014-10-08 13:44 - 00003594 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core
2015-09-15 00:11 - 2015-07-16 13:57 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 00:11 - 2014-01-05 20:05 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 23:32 - 2015-03-22 12:21 - 00291688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-14 23:30 - 2015-08-28 01:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-14 23:30 - 2015-06-11 00:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 23:46 - 2014-08-09 14:09 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 23:20 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-01-05 23:37 - 2015-01-05 23:37 - 0000000 _____ () C:\Users\PC-HP.Pavilion\AppData\Local\{1C4A3413-DED2-4A5B-9DBD-A3E27C847776}
Some files in TEMP:
====================
C:\Users\PC-HP.Pavilion\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-04 05:03
==================== End of FRST.txt ============================
Ran by PC-HP.Pavilion (administrator) on PC-HP (04-10-2015 13:34:50)
Running from C:\Users\PC-HP.Pavilion\Downloads
Loaded Profiles: PC-HP.Pavilion (Available Profiles: PC-HP.Pavilion)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [Google Update] => C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\RunOnce: [Application Restart #2] => C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --di (the data entry has 589 more characters).
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /M:19e4772c934 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A496B595-FBFD-4F15-BEBF-B3A13F61139F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> {EE244934-51E0-4199-BA6D-DC1B4C1DD62C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\PC-HP.Pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=3 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: @tools.google.com/Google Update;version=9 -> C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-553041264-3858676470-1185905030-1002: google.com/WidevineMediaOptimizer -> C:\Users\PC-HP.Pavilion\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Disk Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (YouTube) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Vyhledávání Google) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-02]
CHR Extension: (Gmail) - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-06-20] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [37632 2013-06-01] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [29952 2013-07-20] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-04-11] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-07-20] (Broadcom Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-03-29] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 13:34 - 2015-10-04 13:35 - 00015723 _____ C:\Users\PC-HP.Pavilion\Downloads\FRST.txt
2015-10-04 13:32 - 2015-10-04 13:32 - 00112640 _____ (forum.viry.cz) C:\Users\PC-HP.Pavilion\Downloads\Nepotvrzeno 853844.crdownload
2015-10-04 13:29 - 2015-10-04 13:29 - 00112640 _____ (forum.viry.cz) C:\Users\PC-HP.Pavilion\Downloads\Nepotvrzeno 782932.crdownload
2015-10-04 13:26 - 2015-10-04 13:26 - 00112640 _____ (forum.viry.cz) C:\Users\PC-HP.Pavilion\Downloads\Nepotvrzeno 382064.crdownload
2015-10-04 13:25 - 2015-10-04 13:25 - 02193408 _____ (Farbar) C:\Users\PC-HP.Pavilion\Downloads\FRST64.exe
2015-10-04 04:27 - 2015-10-04 04:39 - 00000000 ____D C:\AdwCleaner
2015-10-04 04:26 - 2015-10-04 04:26 - 01670656 _____ C:\Users\PC-HP.Pavilion\Desktop\adwcleaner_5.009.exe
2015-10-02 18:17 - 2015-10-02 18:21 - 00029415 _____ C:\Users\PC-HP.Pavilion\Desktop\Addition.txt
2015-10-02 18:12 - 2015-10-02 18:21 - 00029054 _____ C:\Users\PC-HP.Pavilion\Desktop\FRST.txt
2015-10-02 18:11 - 2015-10-04 13:34 - 00000000 ____D C:\FRST
2015-10-02 18:10 - 2015-10-02 18:10 - 02192384 _____ (Farbar) C:\Users\PC-HP.Pavilion\Desktop\FRST64.exe
2015-10-02 17:34 - 2015-10-04 13:31 - 00288064 _____ C:\Windows\WindowsUpdate.log
2015-10-02 17:32 - 2015-10-02 17:32 - 00045468 _____ C:\Users\PC-HP.Pavilion\Downloads\cc_20151002_173237.reg
2015-09-28 17:19 - 2015-09-28 17:19 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-28 17:19 - 2015-09-28 17:19 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-23 14:27 - 2015-09-12 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-23 14:27 - 2015-09-12 15:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-09-23 14:27 - 2015-09-12 15:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-09-17 22:44 - 2015-09-17 22:54 - 1978720256 _____ C:\Users\PC-HP.Pavilion\Downloads\Vedlejší účinky .(2013) HQ CZ Dabing.avi
2015-09-08 22:50 - 2015-09-02 15:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 22:50 - 2015-09-02 15:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 22:50 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:50 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 22:50 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 22:50 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 22:50 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 22:50 - 2015-07-18 21:30 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-08 22:50 - 2015-07-03 15:33 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-08 22:50 - 2015-07-03 15:23 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-09-08 22:47 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 22:47 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-09-08 22:46 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:46 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 22:46 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 22:46 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:46 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 22:45 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 22:45 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 22:44 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 22:44 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:44 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 13:25 - 2014-01-09 22:32 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-553041264-3858676470-1185905030-1002
2015-10-04 13:06 - 2013-08-27 15:59 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-10-04 12:50 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-10-04 11:20 - 2014-10-08 13:44 - 00001010 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job
2015-10-04 11:16 - 2014-01-05 20:05 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-04 11:15 - 2014-01-05 20:05 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 11:15 - 2013-03-22 10:00 - 00000983 _____ C:\Windows\SysWOW64\bscs.ini
2015-10-04 11:15 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-04 11:14 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-04 05:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-10-04 05:04 - 2013-07-20 20:33 - 00755956 _____ C:\Windows\system32\perfh005.dat
2015-10-04 05:04 - 2013-07-20 20:33 - 00162886 _____ C:\Windows\system32\perfc005.dat
2015-10-04 05:04 - 2012-07-26 09:28 - 01851486 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-04 04:40 - 2014-01-05 18:37 - 00000000 ____D C:\Users\PC-HP.Pavilion
2015-10-04 04:40 - 2013-08-27 15:59 - 00001327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2015-10-03 14:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2015-10-02 17:39 - 2014-01-30 00:08 - 00013312 ___SH C:\Users\PC-HP.Pavilion\Desktop\Thumbs.db
2015-09-30 15:35 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-09-29 18:47 - 2014-01-05 20:05 - 00000000 ____D C:\Users\PC-HP.Pavilion\AppData\Local\Google
2015-09-28 23:22 - 2014-01-05 20:06 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 10:19 - 2014-10-08 13:44 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job
2015-09-24 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 11:27 - 2015-08-12 12:27 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-17 23:07 - 2015-02-11 22:09 - 00811472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-17 23:07 - 2015-02-11 22:09 - 00177616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 10:14 - 2014-10-08 13:44 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA
2015-09-17 10:14 - 2014-10-08 13:44 - 00003594 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core
2015-09-15 00:11 - 2015-07-16 13:57 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 00:11 - 2014-01-05 20:05 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 23:32 - 2015-03-22 12:21 - 00291688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-14 23:30 - 2015-08-28 01:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-14 23:30 - 2015-06-11 00:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-09-14 23:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 23:46 - 2014-08-09 14:09 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 23:20 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-01-05 23:37 - 2015-01-05 23:37 - 0000000 _____ () C:\Users\PC-HP.Pavilion\AppData\Local\{1C4A3413-DED2-4A5B-9DBD-A3E27C847776}
Some files in TEMP:
====================
C:\Users\PC-HP.Pavilion\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-04 05:03
==================== End of FRST.txt ============================
- Attachments
- Addition.7z
- (7.25 KiB) Downloaded 60 times
- Rudy
- Site Admin
Re: Problems with an HP Pavilion notebook
Open Notepad and copy the following into it:
Save it to C:\Users\PC-HP.Pavilion\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
C:\Program Files\McAfee Security Scan
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\RunOnce: [Application Restart #2] => C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --di (the data entry has 589 more characters).
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
Toolbar: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Windows\system32\ApnDatabase.xml
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC-HP.Pavilion\AppData\Local\Temp
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Problems with HP Pavilion notebook
Fix result of Farbar Recovery Scan Tool (x64) Version:03-10-2015
Ran by PC-HP.Pavilion (2015-10-04 16:04:12) Run:1
Running from C:\Users\PC-HP.Pavilion\Downloads
Loaded Profiles: PC-HP.Pavilion (Available Profiles: PC-HP.Pavilion)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Program Files\McAfee Security Scan
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\...\RunOnce: [Application Restart #2] => C:\Users\PC-HP.Pavilion\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --di (the data entry has 589 more characters).
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
Toolbar: HKU\S-1-5-21-553041264-3858676470-1185905030-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Windows\system32\ApnDatabase.xml
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC-HP.Pavilion\AppData\Local\Temp
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION
End
*****************
C:\Program Files\McAfee Security Scan => moved successfully
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #2 => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe => not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-553041264-3858676470-1185905030-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
C:\Windows\system32\ApnDatabase.xml => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-553041264-3858676470-1185905030-1002Core.job => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\PC-HP.Pavilion\AppData\Local\Temp => moved successfully
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION => Error: No automatic fix found for this entry.
==== End of Fixlog 16:04:13 ====
- Rudy
- Site Admin

- Posts: 119673
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problems with HP Pavilion notebook
Deleted. Has anything changed?
Re: Problems with HP Pavilion notebook
Unfortunately the problem still persists; whenever white bubbles about 3 cm in diameter appear on the screen, the mouse pointer does whatever it wants, and from time to time web pages start zooming in and out on their own.
- Rudy
- Site Admin

Re: Problems with HP Pavilion notebook
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Re: Problems with HP Pavilion notebook
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 8. 10. 2015
Čas skenování: 21:56
Protokol: test.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.10.08.04
Databáze rootkitů: v2015.10.06.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: PC-HP.Pavilion
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 348698
Uplynulý čas: 33 min, 18 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.APNToolBar, C:\Users\PC-HP.Pavilion\Documents\APNSetup1.exe, , [e79d1a3adbb04ee87ae5625b18e9b34d],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
- Rudy
- Site Admin

Re: Problems with HP Pavilion notebook
Delete the detected item.
Re: Problems with HP Pavilion notebook
Unfortunately, even after deleting this malware the problem still occurs; I ran the scan again this evening, but it found nothing.
- Rudy
- Site Admin

Re: Problems with HP Pavilion notebook
Also run Zoek:
Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako správce
Paste the script below into the window
lean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script
The PC will carry out the repair, restart, and give you a log; paste its contents here.
Re: Problems with HP Pavilion notebook
Zoek.exe v5.0.0.1 Updated 17-October-2015
Tool run by PC-HP.Pavilion on ne 18. 10. 2015 at 0:15:50,47.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC-HP.Pavilion\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2015-10-17-220035.log 1302 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== FireFox Fix ======================
Deleted from C:\Users\PC-HP~1.PAV\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default\prefs.js:
Added to C:\Users\PC-HP~1.PAV\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\PC-HP~1.PAV\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\PC-HP.Pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\91gag02d.default
DAD55CEF682EAE6FA7B4C9487563A496 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director
1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\PC-HP.Pavilion\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
7D127425BBE91DF37448A7F44C1DDA52 - C:\Users\PC-HP.Pavilion\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... c=HPNTDFJS"
{EE244934-51E0-4199-BA6D-DC1B4C1DD62C} Amazon (UK) Search Suggestions Url="http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC-HP.Pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC-HP.Pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\PC-HP~1.PAV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC-HP~1.PAV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\PC-HP.Pavilion\AppData\Local\Mozilla\Firefox\Profiles\91gag02d.default\cache2 emptied successfully
C:\Users\PC-HP~1.PAV\AppData\Local\Mozilla\Firefox\Profiles\91gag02d.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\PC-HP.Pavilion\AppData\Local\Temp will be emptied at reboot
C:\Users\PC-HP~1.PAV\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\PC-HP~1.PAV\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 18. 10. 2015 at 0:26:24,71 ======================
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\PC-HP~1.PAV\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 18. 10. 2015 at 0:26:24,71 ======================
