Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-12-2015
Ran by Dominik (administrator) on DOMYNIK (24-12-2015 13:49:28)
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik)
Platform: Windows 10 Home (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
() C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files\ZenDeals\ZenDeals.exe
(Spotify Ltd) C:\Users\Dominik\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Dominik\AppData\Local\Viber\Viber.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE16\CSISYNCCLIENT.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Dominik\AppData\Local\Temp\g660B.tmp.exe
(Pushbullet Inc) C:\Users\Dominik\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\wuapihost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1512.17020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Dominik\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2015-01-28] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-01-28] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [ZenDeals] => C:\Program Files\ZenDeals\ZenDeals.exe [3629568 2015-09-28] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKLM-x32\...\Run: [XPE] => C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe [28672 2015-08-21] (XPExplorer.com - 2015)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\...\Run: [Spotify Web Helper] => C:\Users\Dominik\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-29] (Spotify Ltd)
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\...\Run: [Viber] => C:\Users\Dominik\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\...\MountPoints2: {34e9d6f3-6c44-11e5-8261-df5c4ce01fff} - "Z:\SETUP.EXE"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8ce8f589-69aa-4348-a320-da19daba39f2}: [DhcpNameServer] 169.254.23.175
Tcpip\..\Interfaces\{e7d79321-9525-4320-913d-d88c75cdc5c8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2842944352-2311519287-1488624730-1001 -> DefaultScope {846C1938-CA40-4284-8D8C-F10E7846F0C6} URL =
SearchScopes: HKU\S-1-5-21-2842944352-2311519287-1488624730-1001 -> {846C1938-CA40-4284-8D8C-F10E7846F0C6} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0-git-20150928-0404 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://www2.delta-search.com/?affID=121562&babsrc=HP_ss&mntrId=56859E4E3635137C"
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-28]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-16]
CHR Extension: (Google Docs) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-28]
CHR Extension: (Google Drive) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-26]
CHR Extension: (Google-Suche) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Tabellen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-28]
CHR Extension: (Google Docs Offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Bookmark Manager) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-11-16]
CHR Extension: (AllCast Receiver) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2015-12-19]
CHR Extension: (Ink for Google™) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanckoiohnlgdommlcckcflkmllobgj [2015-12-23]
CHR Extension: (Material-Light For chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hminnlbdjfhgkohojemllecgpllgiegf [2015-09-29]
CHR Extension: (Google Hangouts) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-12-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-28]
CHR Extension: (Google Mail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-28]
CHR Extension: (Inbox by Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2015-09-28]
CHR HKU\S-1-5-21-2842944352-2311519287-1488624730-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-07] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-28] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2015-01-28] (Lenovo)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2015-01-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2015-01-28] (Lenovo)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-01-28] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-15] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-06-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-24 13:49 - 2015-12-24 13:50 - 00022597 _____ C:\Users\Dominik\Desktop\FRST.txt
2015-12-24 13:48 - 2015-12-24 13:49 - 00000000 ____D C:\FRST
2015-12-24 13:47 - 2015-12-24 13:47 - 02370560 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2015-12-24 13:45 - 2015-12-24 13:46 - 00112640 _____ (forum.viry.cz) C:\Users\Dominik\Desktop\FRSTLauncher.exe
2015-12-24 13:36 - 2015-12-24 13:36 - 00016148 _____ C:\WINDOWS\system32\DOMYNIK_Dominik_HistoryPrediction.bin
2015-12-24 11:18 - 2015-12-24 11:18 - 00000000 ___HD C:\OneDriveTemp
2015-12-19 17:24 - 2015-12-19 17:24 - 00152186 _____ C:\Users\Dominik\Downloads\Orange_doklad_FR_201511_CN0079189155.pdf
2015-12-19 17:22 - 2015-12-19 17:22 - 00156724 _____ C:\Users\Dominik\Downloads\Orange_doklad_FR_201512_CN0079189155.pdf
2015-12-18 22:35 - 2015-12-18 22:35 - 00004704 _____ C:\Users\Dominik\Downloads\premium_looks_by_sparklestock__lite__by_pstutorialsws-d7atwn2.zip
2015-12-18 11:20 - 2015-12-18 11:21 - 00000000 ____D C:\Users\Dominik\Desktop\Opatovska 4.C
2015-12-17 22:38 - 2015-12-17 23:05 - 792124058 _____ C:\Users\Dominik\Downloads\Opatovska 4.C.zip
2015-12-15 21:20 - 2015-12-20 22:35 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\.minecraft
2015-12-15 21:20 - 2015-12-15 21:20 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-12-15 21:20 - 2015-12-15 21:20 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\java
2015-12-15 20:10 - 2015-12-15 20:11 - 00000000 ____D C:\Users\Dominik\Downloads\Minecraft 1.8.8 by TeamExtreme
2015-12-15 16:36 - 2015-12-15 16:40 - 00000139 _____ C:\Users\Dominik\AlienBreed.property
2015-12-15 16:35 - 2015-12-15 16:36 - 12810828 _____ C:\Users\Dominik\Downloads\AlienBreed.jar
2015-12-09 17:45 - 2015-12-24 11:18 - 00000000 ____D C:\Users\Dominik\AppData\Local\Pushbullet
2015-12-09 17:45 - 2015-12-09 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2015-12-09 17:45 - 2015-12-09 17:45 - 00000000 ____D C:\Program Files (x86)\Pushbullet
2015-12-09 17:41 - 2015-12-09 17:45 - 01737872 _____ (Pushbullet Inc ) C:\Users\Dominik\Downloads\pushbullet_installer.exe
2015-12-01 21:10 - 2015-12-01 21:10 - 00097975 _____ C:\Users\Dominik\Downloads\received_1046323355432470.jpeg
2015-12-01 13:23 - 2015-12-01 13:23 - 00188341 _____ C:\Users\Dominik\Downloads\FA_PR 2016_17_vyhlaska dekana 2_2015.pdf
2015-11-28 10:03 - 2015-11-28 10:03 - 59215220 _____ C:\Users\Dominik\Desktop\4.C.pptx
2015-11-26 10:20 - 2015-11-26 10:22 - 1250830983 _____ C:\Users\Dominik\Downloads\D6603_23.0.A.2.93_GloBul BG.ftf
2015-11-25 21:52 - 2015-11-25 21:53 - 03977561 _____ C:\Users\Dominik\Downloads\SuperSU-v2.56-20151030013730 (1).zip
2015-11-24 21:29 - 2015-11-24 21:34 - 60020883 _____ C:\Users\Dominik\Downloads\jby5h.Minimal.Opener.Slideshow..Project.for.After.Effects.VideoHive.zip
2015-11-24 21:24 - 2015-11-24 21:24 - 00725702 _____ C:\Users\Dominik\Downloads\ElegantSlideshow.zip
2015-11-24 21:22 - 2015-11-24 21:36 - 131509421 _____ C:\Users\Dominik\Downloads\2D-3D-slideshow.7z
2015-11-24 20:57 - 2015-11-24 21:00 - 00000000 ____D C:\Users\Dominik\Desktop\Messenger
2015-11-24 20:51 - 2015-11-24 20:51 - 00001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
2015-11-24 20:47 - 2015-11-24 20:47 - 00001384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
2015-11-24 20:44 - 2015-11-24 20:44 - 00001626 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-24 13:49 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-24 13:30 - 2015-11-06 22:09 - 00007620 _____ C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2015-12-24 13:30 - 2015-09-28 22:04 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2015-12-24 13:12 - 2015-09-28 21:02 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-24 12:56 - 2015-09-30 19:03 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe
2015-12-24 11:21 - 2015-09-27 22:19 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8DAF6A79-2731-4A64-9A24-A014E5E04486}
2015-12-24 11:19 - 2015-10-11 20:43 - 00003804 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-12-24 11:18 - 2015-10-06 15:20 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\ViberPC
2015-12-24 11:18 - 2015-09-28 22:15 - 00000000 ___RD C:\Users\Dominik\Disk Google
2015-12-24 11:18 - 2015-09-28 21:02 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-24 11:18 - 2015-09-28 20:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-24 11:18 - 2015-09-27 22:04 - 00000000 ___RD C:\Users\Dominik\OneDrive
2015-12-24 11:18 - 2015-09-27 21:56 - 00000000 __SHD C:\Users\Dominik\IntelGraphicsProfiles
2015-12-20 23:19 - 2015-10-29 21:41 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
2015-12-19 20:34 - 2015-09-28 21:41 - 00000000 ____D C:\Users\Dominik\AppData\Local\Spotify
2015-12-19 19:57 - 2015-09-28 21:38 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Spotify
2015-12-19 11:11 - 2015-09-28 21:40 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2015-12-18 22:35 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-18 11:35 - 2015-09-28 20:31 - 00000000 ____D C:\Users\Dominik
2015-12-17 23:14 - 2015-09-28 21:06 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2015-12-17 22:42 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-15 21:57 - 2015-09-30 17:53 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\uTorrent
2015-12-15 20:41 - 2015-09-28 21:22 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-15 20:32 - 2015-10-30 10:42 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-13 20:28 - 2015-09-28 20:55 - 00002438 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-09 19:18 - 2015-10-11 20:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 19:17 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-09 19:16 - 2015-09-28 21:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 19:01 - 2015-09-28 21:10 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 04:39 - 2015-09-30 17:00 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-07 20:39 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-06 20:47 - 2015-10-06 15:22 - 00000000 ____D C:\Users\Dominik\Documents\ViberDownloads
2015-12-06 19:07 - 2015-09-28 21:02 - 00004192 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 19:07 - 2015-09-28 21:02 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 18:39 - 2015-09-27 21:56 - 00000000 ____D C:\Users\Dominik\AppData\Local\Packages
2015-12-03 15:12 - 2015-09-28 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 21:03 - 2015-10-04 11:47 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Dopamine
2015-11-29 20:11 - 2015-10-04 19:36 - 00771220 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-29 20:11 - 2015-10-04 19:36 - 00154374 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-29 20:11 - 2015-09-28 20:43 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-29 20:06 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-29 20:06 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-28 09:59 - 2015-11-05 18:09 - 286486956 _____ C:\Users\Dominik\Desktop\celok.psd
2015-11-26 19:16 - 2015-07-30 22:49 - 04963232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-25 21:54 - 2015-10-04 12:53 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Notepad++
2015-11-24 20:56 - 2015-09-30 19:08 - 00000000 ____D C:\Users\Dominik\Documents\Adobe
2015-11-24 20:51 - 2015-09-30 19:08 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-24 20:50 - 2015-09-30 19:05 - 00000000 ____D C:\Program Files\Adobe
2015-11-24 20:50 - 2015-09-27 21:56 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe
2015-11-24 20:46 - 2015-09-30 19:05 - 00000000 ____D C:\Program Files\Common Files\Adobe
==================== Files in the root of some directories =======
2015-11-06 22:09 - 2015-12-24 13:30 - 0007620 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2015-09-28 20:28 - 2015-09-28 20:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Dominik\system.new.dat
Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\130905413726219657.exe
C:\Users\Dominik\AppData\Local\Temp\13090541391072069056.exe
C:\Users\Dominik\AppData\Local\Temp\g660B.tmp.exe
C:\Users\Dominik\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Dominik\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Dominik\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Dominik\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Dominik\AppData\Local\Temp\project1.exe
C:\Users\Dominik\AppData\Local\Temp\proxy_vole1878380594133926805.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole2036411331732837448.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole7698479865034357032.dll
C:\Users\Dominik\AppData\Local\Temp\uttB643.tmp.exe
C:\Users\Dominik\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Dominik\Desktop" je 2253 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosim o preventivku
- Přílohy
-
- Addition.zip
- (5.85 KiB) Staženo 57 x
Re: Prosim o preventivku
Zdravím, jen trochu uklidíme v prohlížečích 
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Re: Prosim o preventivku
Ďakujem
# AdwCleaner v5.026 - Logfile created 25/12/2015 at 17:43:48
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Dominik - DOMYNIK
# Running from : C:\Users\Dominik\Downloads\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\pokki
***** [ Files ] *****
[-] File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKCU\Software\distromatic
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
***** [ Web browsers ] *****
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.sweetim.com
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www2.delta-search.com/?affID=121562&babsrc=HP_ss&mntrId=56859E4E3635137C
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1823 bytes] ##########
# AdwCleaner v5.026 - Logfile created 25/12/2015 at 17:43:48
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Dominik - DOMYNIK
# Running from : C:\Users\Dominik\Downloads\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\pokki
***** [ Files ] *****
[-] File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKCU\Software\distromatic
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
***** [ Web browsers ] *****
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.sweetim.com
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www2.delta-search.com/?affID=121562&babsrc=HP_ss&mntrId=56859E4E3635137C
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1823 bytes] ##########
Re: Prosim o preventivku
Nie som si istý, či to robilo už skôr, ale pred chvíľou som si všimol, že mi náhodne na stránkach podčiarkne nejaké slová, na ktoré, keď nadídem, tak vyskočí nejaká reklama. V konzole Google Chrome vidím nejaký InterYield, google mi našiel iba nejaké pochybné stránky, preto píšem hneď tu. Nijaké rozšírenia, ktoré by to robili nevidím (skúšal som všetky odstrániť), ani nijaké podivné programy nevidím.
Vďaka za všetkú pomoc.
Vďaka za všetkú pomoc.
Re: Prosim o preventivku
Odinstaluj Spotify - Web Helperdomynik píše:Nie som si istý, či to robilo už skôr, ale pred chvíľou som si všimol, že mi náhodne na stránkach podčiarkne nejaké slová, na ktoré, keď nadídem, tak vyskočí nejaká reklama. V konzole Google Chrome vidím nejaký InterYield, google mi našiel iba nejaké pochybné stránky, preto píšem hneď tu. Nijaké rozšírenia, ktoré by to robili nevidím (skúšal som všetky odstrániť), ani nijaké podivné programy nevidím.
Vďaka za všetkú pomoc.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Pak použij Mbam z mého podpisu a dej mi sem z něj log po smazání.
Re: Prosim o preventivku
SpotifyWebHelper je sucastou Spotify, nie som si istý, či by bolo vhodné to odstárniť. Ak si myslíš opak, tak to vymažem.
Prešiel som ntb CCleanerom, mbam nič nenašiel. Pripájam log
Prešiel som ntb CCleanerom, mbam nič nenašiel. Pripájam log
Už som si ale nevšimol, že by mi podčiarkovalo nejaké slová.Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 29.12.2015
Čas skenování: 23:01
Protokol:
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.29.06
Databáze rootkitů: v2015.12.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Dominik
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 347526
Uplynulý čas: 12 min, 31 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosim o preventivku
No není to zrovna ideální softík, osobně bych se jej zbavil.domynik píše:SpotifyWebHelper je sucastou Spotify, nie som si istý, či by bolo vhodné to odstárniť. Ak si myslíš opak, tak to vymažem.
Mbam odinstaluj a pokud je již s PC vše v pořádku je to z mé strany vše.
Re: Prosim o preventivku
Vedel by si mi aj odvövodniť/vysvetliť, prečo to nie je idealný soft? Aby som bol o niečo múdrejši.Roli píše:No není to zrovna ideální softík, osobně bych se jej zbavil.domynik píše:SpotifyWebHelper je sucastou Spotify, nie som si istý, či by bolo vhodné to odstárniť. Ak si myslíš opak, tak to vymažem.
Re: Prosim o preventivku
Je to jeden z programů které čile komunikují se světem a tím podstatně brzdí net, nehledě na to že nepotřebuji aby kde kdo věděl co mám v PC za hudbu.
Re: Prosim o preventivku
ďakujem, a tiež ďakujem za prezretie pcRoli píše:Je to jeden z programů které čile komunikují se světem a tím podstatně brzdí net, nehledě na to že nepotřebuji aby kde kdo věděl co mám v PC za hudbu.
Přispějete na provoz fóra?