Slow PC and the mouse responds poorly
Posted: 24 May 2017 13:44
Hello, the PC runs slowly and the mouse stutters, it keeps scrolling in one place. I have already bought a new one, but the problem persists (connected via USB).
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2017
Ran by PCN_07 (administrator) on Mike (24-05-2017 14:39:04)
Running from C:\Documents and Settings\PCN_07\Dokumenty\Stažené soubory
Loaded Profiles: PCN_07 & Administrator (Available Profiles: PCN_07 & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Sharpdesk\FTPServer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Samsung\Easy Setting Box\EasySettingBox.exe
(Sysinternals - www.sysinternals.com) C:\programy\ProcessExplorer\procexp.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sharp Corporation) C:\WINDOWS\system32\spool\drivers\w32x86\3\SS0ILMSW.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16876032 2008-07-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [FtpServer.exe] => C:\Program Files\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION)
HKLM\...\Run: [EasySettingBox] => C:\Program Files\Samsung\Easy Setting Box\EasySettingBox.exe********************************************************************* [457728 2013-12-26] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2008-06-11] (ATI Technologies Inc.)
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\...\Run: [Process Explorer] => "C:\PROGRAMY\PROCESSEXPLORER\PROCEXP.EXE" /t
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\...\Run: [Google Update] => C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\...\MountPoints2: K - K:\Bolt.exe
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\...\MountPoints2: {fae5458f-3ffe-11e0-9ce2-001fd095b5a8} - K:\Bolt.exe
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 85.132.180.62
Tcpip\..\Interfaces\{17A1E4B0-DA96-4A09-AB87-DEE264ABF849}: [DhcpNameServer] 85.132.180.62
Internet Explorer:
==================
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-1801674531-1659004503-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-1801674531-1659004503-725345543-1004 - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
URLSearchHook: [S-1-5-21-1801674531-1659004503-725345543-500] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1801674531-1659004503-725345543-1004 -> DefaultScope {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = hxxp://www.google.com/custom?q={searchTerms}&s ... BFORID%3A1
SearchScopes: HKU\S-1-5-21-1801674531-1659004503-725345543-1004 -> {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = hxxp://www.google.com/custom?q={searchTerms}&s ... BFORID%3A1
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1386853633484
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Documents and Settings\PCN_07\Data aplikací\Mozilla\Firefox\Profiles\ehljk49c.default [2017-05-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-20] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll [2013-12-11] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1801674531-1659004503-725345543-1004: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1801674531-1659004503-725345543-1004: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
CHR Profile: C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2017-05-09]
CHR Extension: (YouTube) - C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (AT_SuperMonkeyBall) - C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hjpneodhhegapgagpdeeahiomeiagidi [2011-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
StartMenuInternet: chrome.exe - C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome - C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1971968 2015-10-09] (ESET)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [205800 2015-09-23] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [145512 2015-09-23] (ESET)
R2 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [111040 2015-10-07] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [127496 2015-09-23] (ESET)
S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2009-02-05] (Windows (R) 2000 DDK provider)
S2 GP32Usb; C:\WINDOWS\System32\Drivers\GP32USB.sys [10418 2001-10-30] (Windows (R) 2000 DDK provider) [File not signed]
R3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3692288 2008-06-18] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-24 14:38 - 2017-05-24 14:39 - 00000000 ____D C:\FRST
2017-05-24 14:35 - 2017-05-24 14:35 - 00029696 _____ C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\MSGBOX.EXE
2017-05-24 14:35 - 2017-05-24 14:35 - 00015327 _____ C:\Documents and Settings\PCN_07\Plocha\LM.bat
2017-05-12 06:34 - 2017-05-12 06:34 - 00045627 _____ C:\Documents and Settings\PCN_07\Plocha\p.premysl_junasek.pdf
2017-04-25 16:59 - 2017-04-25 16:59 - 00046275 _____ C:\Documents and Settings\PCN_07\Plocha\faktura.pdf
2017-04-24 14:02 - 2017-04-24 14:02 - 00939546 _____ C:\Documents and Settings\PCN_07\Plocha\Smlouva_1704018005.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-24 14:39 - 2012-11-19 14:40 - 00000000 ____D C:\Documents and Settings\PCN_07\Dokumenty\Stažené soubory
2017-05-24 14:39 - 2009-02-05 19:50 - 00000000 ____D C:\Documents and Settings\PCN_07\Local Settings\Temp
2017-05-24 14:35 - 2009-02-05 19:50 - 00000000 ___HD C:\Documents and Settings\PCN_07\Local Settings\Data aplikací
2017-05-24 14:35 - 2009-02-05 19:50 - 00000000 ____D C:\Documents and Settings\PCN_07\Plocha
2017-05-24 14:24 - 2010-12-27 09:42 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1659004503-725345543-1004UA.job
2017-05-24 09:41 - 2017-02-02 09:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-24 09:41 - 2012-11-09 09:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-24 07:05 - 2009-02-05 19:50 - 00000000 ___RD C:\Documents and Settings\PCN_07\Oblíbené položky
2017-05-24 06:23 - 2010-12-27 09:42 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1659004503-725345543-1004Core.job
2017-05-24 05:38 - 2009-02-05 19:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-24 05:38 - 2004-08-18 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2017-05-23 14:32 - 2009-02-05 20:03 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2017-05-23 14:32 - 2009-02-05 19:50 - 00000178 ___SH C:\Documents and Settings\PCN_07\ntuser.ini
2017-05-23 14:32 - 2009-02-05 19:49 - 00032406 _____ C:\WINDOWS\SchedLgU.Txt
2017-05-14 10:58 - 2013-05-06 15:30 - 00000000 ____D C:\Documents and Settings\PCN_07\Dokumenty\MX2314N
2017-05-10 16:45 - 2009-10-20 15:29 - 00001461 _____ C:\Documents and Settings\All Users\Plocha\S3 Kasa.lnk
2017-05-10 16:45 - 2009-10-20 15:29 - 00001456 _____ C:\Documents and Settings\All Users\Plocha\Money S3.lnk
2017-05-10 16:45 - 2009-02-05 20:36 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-05-05 07:59 - 2017-04-06 11:03 - 00000000 ____D C:\Documents and Settings\PCN_07\Plocha\poslat
2017-04-24 14:39 - 2013-04-16 14:51 - 00000000 ____D C:\Documents and Settings\PCN_07\Plocha\PODKLADY ACTIV WOOD
2017-04-24 09:54 - 2009-02-05 19:50 - 00000000 ___HD C:\Documents and Settings\PCN_07\Okolní síť
==================== Files in the root of some directories =======
2011-09-02 06:55 - 2016-10-25 07:03 - 0005120 _____ () C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-21 06:19 - 2009-10-21 06:19 - 0000126 _____ () C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\fusioncache.dat
2017-05-24 14:35 - 2017-05-24 14:35 - 0029696 _____ () C:\Documents and Settings\PCN_07\Local Settings\Data aplikací\MSGBOX.EXE
Some files in TEMP:
====================
2015-07-14 14:28 - 2009-11-26 13:23 - 1314816 ____R () C:\Documents and Settings\PCN_07\Local Settings\Temp\Bolt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================