Request for help


mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status: Offline

Re: Request for help

Post by mople71 » 26 Apr 2015 17:19

Please uninstall these programs:

Code:

CCleaner


Uninstall the McAfee leftovers using MCPR: http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp

Download it and run it as Administrator, and confirm all prompts.

--------------------------------------------------

Apply a fixlist for FRST:

On the Desktop (FRST must be located there), create a text file named fixlist, copy the following script into it and save.

Code:

Start
CloseProcesses:
CreateRestorePoint:

Task: {204146D1-BF07-4F5F-8959-AC9BE1959C8D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {5DC12736-12AF-4E52-A52F-FB63B6716C7D} - \avastBCLRestartS-1-5-21-2872613751-217386147-1613749458-1001 No Task File <==== ATTENTION
Task: {66FE8291-FA4B-4FD3-9E3E-C2115C54F427} - \Optimize Start Menu Cache Files-S-1-5-21-2872613751-217386147-1613749458-1001 No Task File <==== ATTENTION
Task: {8B0FBF55-FE1C-4ACF-89C2-B779C4C72D93} - System32\Tasks\{09DB2006-420B-431B-A47E-BE583F0E05AF} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/sk/ ... e=tsPlugin
Task: {911FE0C3-01A6-4DC7-9F5C-DAFF5690D0A5} - System32\Tasks\{04AE30A1-B14D-4001-90C3-56F1D658191B} => Chrome.exe http://ui.skype.com/ui/0/7.1.0.105/sk/a ... age=tsMain
Task: {963E2827-F000-4978-8739-DF1EA130F254} - System32\Tasks\{9345E045-38D3-4308-9989-A279865B607C} => Chrome.exe http://ui.skype.com/ui/0/7.1.0.105/sk/a ... e=tsPlugin
Task: {CA0E0086-A96D-4271-B57E-A0F839947F0D} - System32\Tasks\IMF_AutoScan => C:\Program Files (x86)\Programy\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files (x86)\Programy\IObit
Task: {D15BEE2A-BF05-46D7-B56A-E9F6A70A9395} - System32\Tasks\{EE08A22B-B625-4554-8618-3323A0D38D10} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/sk/ ... rogressBar
Task: {DE10987C-7CA8-41AC-BA6A-37D24ED3297F} - System32\Tasks\{F1493A2B-6281-43D9-8BD6-ACD8129C2939} => pcalua.exe -a "C:\Program Files (x86)\Hry\Activision\Modern Warfare 2\unins000.exe"
Task: {E8B2019D-C9FE-4BF6-9BC7-A672E2BDEFDA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {EF43C24E-D9C9-4829-B90B-C485BD26A502} - System32\Tasks\{7EBB37F9-81D2-467A-A621-AB02035743C9} => pcalua.exe -a "C:\Program Files (x86)\Programy\yBook\unins000.exe"

DisableService: PEVSystemStart

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
C:\Program Files\McAfee.com
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\Programy\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\Run: [Power2GoExpress] => "C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe" /Startup
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\MountPoints2: {ca6fe967-dc76-11e2-be6d-806e6f6e6963} - "E:\autorun.exe"

HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

CHR Extension: (Please enter your password) - C:\Users\Corey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-04-26]
CHR Extension: (BetaFish Adblocker) - C:\Users\Corey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-26]

S3 vm331avs; \SystemRoot\System32\Drivers\vm331avs.sys [X]

C:\Windows\Tasks\*.job
C:\ProgramData\DP45977C.lfl

CMD: bitsadmin /reset /allusers
CMD: dir C:\PROGRA~1
CMD: dir C:\PROGRA~2
CMD: dir C:\PROGRA~3
CMD: dir %appdata%

EmptyTemp:
End

Then open FRST as administrator and click the >Fix< button. After the PC restarts, a fixlog will appear on the Desktop; please paste its contents into your next post.

--------------------------------------------------

Download FSS: http://www.bleepingcomputer.com/downloa ... e-scanner/

Save it to the Desktop, run it as administrator, check all the displayed options and click Scan. Then post the log.

Corey
Level 1
Posts: 53
Registered: April 15
Gender: Male
Status: Offline

Re: Request for help

Post by Corey » 26 Apr 2015 17:40

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-04-2015
Ran by Corey at 2015-04-26 17:31:14 Run:2
Running from C:\Users\Corey\Desktop
Loaded Profiles: Corey (Available profiles: Corey)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Task: {204146D1-BF07-4F5F-8959-AC9BE1959C8D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {5DC12736-12AF-4E52-A52F-FB63B6716C7D} - \avastBCLRestartS-1-5-21-2872613751-217386147-1613749458-1001 No Task File <==== ATTENTION
Task: {66FE8291-FA4B-4FD3-9E3E-C2115C54F427} - \Optimize Start Menu Cache Files-S-1-5-21-2872613751-217386147-1613749458-1001 No Task File <==== ATTENTION
Task: {8B0FBF55-FE1C-4ACF-89C2-B779C4C72D93} - System32\Tasks\{09DB2006-420B-431B-A47E-BE583F0E05AF} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/sk/ ... e=tsPlugin
Task: {911FE0C3-01A6-4DC7-9F5C-DAFF5690D0A5} - System32\Tasks\{04AE30A1-B14D-4001-90C3-56F1D658191B} => Chrome.exe http://ui.skype.com/ui/0/7.1.0.105/sk/a ... age=tsMain
Task: {963E2827-F000-4978-8739-DF1EA130F254} - System32\Tasks\{9345E045-38D3-4308-9989-A279865B607C} => Chrome.exe http://ui.skype.com/ui/0/7.1.0.105/sk/a ... e=tsPlugin
Task: {CA0E0086-A96D-4271-B57E-A0F839947F0D} - System32\Tasks\IMF_AutoScan => C:\Program Files (x86)\Programy\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files (x86)\Programy\IObit
Task: {D15BEE2A-BF05-46D7-B56A-E9F6A70A9395} - System32\Tasks\{EE08A22B-B625-4554-8618-3323A0D38D10} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/sk/ ... rogressBar
Task: {DE10987C-7CA8-41AC-BA6A-37D24ED3297F} - System32\Tasks\{F1493A2B-6281-43D9-8BD6-ACD8129C2939} => pcalua.exe -a "C:\Program Files (x86)\Hry\Activision\Modern Warfare 2\unins000.exe"
Task: {E8B2019D-C9FE-4BF6-9BC7-A672E2BDEFDA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {EF43C24E-D9C9-4829-B90B-C485BD26A502} - System32\Tasks\{7EBB37F9-81D2-467A-A621-AB02035743C9} => pcalua.exe -a "C:\Program Files (x86)\Programy\yBook\unins000.exe"

DisableService: PEVSystemStart

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
C:\Program Files\McAfee.com
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\Programy\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\Run: [Power2GoExpress] => "C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe" /Startup
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\...\MountPoints2: {ca6fe967-dc76-11e2-be6d-806e6f6e6963} - "E:\autorun.exe"

HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

CHR Extension: (Please enter your password) - C:\Users\Corey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-04-26]
CHR Extension: (BetaFish Adblocker) - C:\Users\Corey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-26]

S3 vm331avs; \SystemRoot\System32\Drivers\vm331avs.sys [X]

C:\Windows\Tasks\*.job
C:\ProgramData\DP45977C.lfl

CMD: bitsadmin /reset /allusers
CMD: dir C:\PROGRA~1
CMD: dir C:\PROGRA~2
CMD: dir C:\PROGRA~3
CMD: dir %appdata%

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{204146D1-BF07-4F5F-8959-AC9BE1959C8D} => Key not found.
C:\Windows\System32\Tasks\CCleanerSkipUAC not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DC12736-12AF-4E52-A52F-FB63B6716C7D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DC12736-12AF-4E52-A52F-FB63B6716C7D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2872613751-217386147-1613749458-1001" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66FE8291-FA4B-4FD3-9E3E-C2115C54F427} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2872613751-217386147-1613749458-1001" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B0FBF55-FE1C-4ACF-89C2-B779C4C72D93}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B0FBF55-FE1C-4ACF-89C2-B779C4C72D93}" => Key deleted successfully.
C:\Windows\System32\Tasks\{09DB2006-420B-431B-A47E-BE583F0E05AF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09DB2006-420B-431B-A47E-BE583F0E05AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{911FE0C3-01A6-4DC7-9F5C-DAFF5690D0A5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{911FE0C3-01A6-4DC7-9F5C-DAFF5690D0A5}" => Key deleted successfully.
C:\Windows\System32\Tasks\{04AE30A1-B14D-4001-90C3-56F1D658191B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{04AE30A1-B14D-4001-90C3-56F1D658191B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{963E2827-F000-4978-8739-DF1EA130F254}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{963E2827-F000-4978-8739-DF1EA130F254}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9345E045-38D3-4308-9989-A279865B607C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9345E045-38D3-4308-9989-A279865B607C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA0E0086-A96D-4271-B57E-A0F839947F0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA0E0086-A96D-4271-B57E-A0F839947F0D}" => Key deleted successfully.
C:\Windows\System32\Tasks\IMF_AutoScan => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IMF_AutoScan" => Key deleted successfully.
"C:\Program Files (x86)\Programy\IObit" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D15BEE2A-BF05-46D7-B56A-E9F6A70A9395}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D15BEE2A-BF05-46D7-B56A-E9F6A70A9395}" => Key deleted successfully.
C:\Windows\System32\Tasks\{EE08A22B-B625-4554-8618-3323A0D38D10} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE08A22B-B625-4554-8618-3323A0D38D10}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE10987C-7CA8-41AC-BA6A-37D24ED3297F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE10987C-7CA8-41AC-BA6A-37D24ED3297F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F1493A2B-6281-43D9-8BD6-ACD8129C2939} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1493A2B-6281-43D9-8BD6-ACD8129C2939}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8B2019D-C9FE-4BF6-9BC7-A672E2BDEFDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8B2019D-C9FE-4BF6-9BC7-A672E2BDEFDA}" => Key deleted successfully.
C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF43C24E-D9C9-4829-B90B-C485BD26A502}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF43C24E-D9C9-4829-B90B-C485BD26A502}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7EBB37F9-81D2-467A-A621-AB02035743C9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7EBB37F9-81D2-467A-A621-AB02035743C9}" => Key deleted successfully.
PEVSystemStart service key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => Value not found.
"C:\Program Files\McAfee.com" => File/Directory not found.
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress => value deleted successfully.
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value not found.
"HKU\S-1-5-21-2872613751-217386147-1613749458-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca6fe967-dc76-11e2-be6d-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{ca6fe967-dc76-11e2-be6d-806e6f6e6963} => Key not found.
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-2872613751-217386147-1613749458-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
C:\Users\Corey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn directory not found.
C:\Users\Corey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom => Moved successfully.
vm331avs => Service deleted successfully.
C:\Windows\Tasks\*.job => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {CC5087EB-7738-4636-97F4-2872703F7F38}.
Unable to cancel {F5E1EDC5-5757-4FE3-9A15-D51AF1AC8CAE}.
0 out of 2 jobs canceled.

========= End of CMD: =========


========= dir C:\PROGRA~1 =========

Volume in drive C is Windows8_OS
Volume Serial Number is A861-1C6E

Directory of C:\PROGRA~1

26.04.2015 17:23 <DIR> .
26.04.2015 17:23 <DIR> ..
10.11.2014 20:38 <DIR> AMD
24.06.2013 04:51 <DIR> ATI
10.11.2014 20:40 <DIR> ATI Technologies
04.05.2014 07:16 <DIR> AVAST Software
26.04.2015 17:23 <DIR> Common Files
10.11.2014 20:53 <DIR> CONEXANT
24.06.2013 05:28 <DIR> DIFX
10.11.2014 20:38 <DIR> Elantech
24.09.2014 10:20 <DIR> Embedded Lockdown Manager
04.05.2014 08:04 <DIR> Enigma Software Group
24.06.2013 04:49 <DIR> Intel
17.04.2015 18:37 <DIR> Internet Explorer
18.04.2015 10:47 <DIR> Lenovo
09.08.2014 15:55 <DIR> Microsoft Office
17.12.2014 22:49 <DIR> Microsoft Silverlight
10.11.2014 20:26 <DIR> MSBuild
10.11.2014 20:26 <DIR> Reference Assemblies
13.03.2015 20:02 <DIR> Windows Defender
13.03.2015 20:04 <DIR> Windows Journal
13.03.2015 20:04 <DIR> Windows Mail
13.03.2015 20:04 <DIR> Windows Media Player
13.03.2015 20:04 <DIR> Windows Multimedia Platform
22.08.2013 17:36 <DIR> Windows NT
13.03.2015 20:04 <DIR> Windows Photo Viewer
13.03.2015 20:04 <DIR> Windows Portable Devices
13.03.2015 20:02 <DIR> WindowsPowerShell
0 File(s) 0 bytes
28 Dir(s) 269 394 329 600 bytes free

========= End of CMD: =========


========= dir C:\PROGRA~2 =========

Volume in drive C is Windows8_OS
Volume Serial Number is A861-1C6E

Directory of C:\PROGRA~2

25.04.2015 21:41 <DIR> .
25.04.2015 21:41 <DIR> ..
24.01.2015 10:47 <DIR> Adobe
24.06.2013 04:52 <DIR> AMD APP
24.06.2013 04:52 <DIR> AMD AVT
10.11.2014 20:53 <DIR> ATI Technologies
23.04.2015 23:14 <DIR> Battle.net
11.11.2014 19:26 <DIR> Bluetooth Suite
26.04.2015 17:22 <DIR> Common Files
24.06.2013 05:02 <DIR> Dolby Advanced Audio v2
05.05.2014 19:54 <DIR> Google
25.04.2015 21:40 <DIR> Hry
10.11.2014 20:53 <DIR> Intel
13.03.2015 20:02 <DIR> Internet Explorer
18.04.2015 11:00 <DIR> Lenovo
09.08.2014 15:54 <DIR> Microsoft Analysis Services
12.10.2014 11:06 <DIR> Microsoft Office
17.12.2014 22:49 <DIR> Microsoft Silverlight
09.08.2014 15:59 <DIR> Microsoft SQL Server Compact Edition
09.08.2014 15:59 <DIR> Microsoft Sync Framework
09.08.2014 16:00 <DIR> Microsoft Synchronization Services
09.08.2014 15:55 <DIR> Microsoft Visual Studio 8
10.11.2014 20:53 <DIR> Microsoft.NET
10.11.2014 20:59 <DIR> MSBuild
26.04.2015 12:29 <DIR> Programy
24.06.2013 05:08 <DIR> Qualcomm Atheros
24.06.2013 04:52 <DIR> Realtek
10.11.2014 20:26 <DIR> Reference Assemblies
12.04.2015 19:05 <DIR> Skype
06.06.2014 20:50 <DIR> Steam
30.05.2014 10:24 <DIR> TeamViewer
13.03.2015 20:02 <DIR> Windows Defender
13.03.2015 20:02 <DIR> Windows Mail
13.03.2015 20:02 <DIR> Windows Media Player
13.03.2015 20:02 <DIR> Windows Multimedia Platform
22.08.2013 17:36 <DIR> Windows NT
13.03.2015 20:02 <DIR> Windows Photo Viewer
13.03.2015 20:02 <DIR> Windows Portable Devices
22.08.2013 17:36 <DIR> WindowsPowerShell
0 File(s) 0 bytes
39 Dir(s) 269 394 329 600 bytes free

========= End of CMD: =========


========= dir C:\PROGRA~3 =========

Volume in drive C is Windows8_OS
Volume Serial Number is A861-1C6E

Directory of C:\PROGRA~3

24.01.2015 10:51 <DIR> Adobe
24.06.2013 04:52 <DIR> AMD
05.10.2013 03:36 <DIR> Atheros
05.10.2013 03:36 <DIR> ATI
04.05.2014 07:17 <DIR> AVAST Software
23.04.2015 18:58 <DIR> Battle.net
25.04.2015 22:38 <DIR> Blizzard Entertainment
06.11.2013 09:04 <DIR> Bohemia Interactive
04.10.2013 18:24 <DIR> Caphyon
10.11.2014 20:53 <DIR> Conexant
18.04.2015 10:51 <DIR> CyberLink
04.10.2013 14:27 <DIR> DAEMON Tools Lite
24.06.2013 05:28 <DIR> Downloaded Installations
30.05.2014 10:15 <DIR> EA Core
30.05.2014 10:25 <DIR> EA Logs
30.05.2014 10:15 <DIR> Electronic Arts
25.04.2015 19:36 <DIR> Energy Manager
16.04.2015 06:33 <DIR> Glyph
24.06.2013 05:27 <DIR> Intel
04.05.2014 09:22 <DIR> IObit
05.10.2013 21:24 <DIR> Lenovo
04.05.2014 10:41 <DIR> Malwarebytes
15.04.2015 17:40 <DIR> Microsoft Help
25.12.2013 18:43 <DIR> Mozilla
12.03.2014 21:35 <DIR> Nero
24.06.2013 05:28 <DIR> OneKey Recovery
25.04.2015 21:41 <DIR> Origin
10.11.2014 20:53 <DIR> PRICache
24.06.2013 05:08 <DIR> Qualcomm Atheros
13.03.2015 20:02 <DIR> regid.1991-06.com.microsoft
02.05.2014 10:23 <DIR> RELOADED
26.10.2014 07:51 <DIR> Riot Games
26.04.2015 15:52 <DIR> RogueKiller
12.04.2015 19:05 <DIR> Skype
01.05.2014 06:33 <DIR> Steam
24.06.2013 05:27 <DIR> Temp
06.10.2013 19:47 <DIR> TuneUp Software
28.10.2013 22:56 <DIR> Ubisoft
29.05.2014 00:35 <DIR> WarThunder
04.09.2014 14:39 <DIR> [Manufacturer]
0 File(s) 0 bytes
40 Dir(s) 269 394 325 504 bytes free

========= End of CMD: =========


========= dir %appdata% =========

Volume in drive C is Windows8_OS
Volume Serial Number is A861-1C6E

Directory of C:\Users\Corey\AppData\Roaming

23.04.2015 23:14 <DIR> .
23.04.2015 23:14 <DIR> ..
04.09.2014 14:39 <DIR> 4GF.CZ
24.01.2015 10:47 <DIR> Adobe
08.10.2014 14:15 <DIR> Atheros
05.10.2013 03:36 <DIR> ATI
04.05.2014 07:26 <DIR> AVAST Software
24.04.2015 17:55 <DIR> Battle.net
24.12.2013 05:22 <DIR> CyberLink
26.04.2015 13:28 <DIR> DAEMON Tools Lite
05.10.2014 10:36 <DIR> Dropbox
04.05.2014 07:21 <DIR> GHISLER
10.11.2014 21:19 <DIR> Identities
05.10.2013 03:37 <DIR> Intel Corporation
04.07.2014 12:31 <DIR> KYE Gila
05.10.2013 21:24 <DIR> Lenovo
04.10.2013 16:25 <DIR> LSC
24.06.2013 05:21 <DIR> Macromedia
29.05.2014 21:07 <DIR> Origin
28.10.2013 22:18 <DIR> PunkBuster
25.04.2015 21:16 <DIR> Skype
13.09.2014 16:22 <DIR> Steam
26.04.2015 13:28 <DIR> TeamViewer
26.04.2015 15:29 <DIR> TS3Client
06.10.2013 00:26 <DIR> TuneUp Software
06.10.2013 00:30 <DIR> Wargaming.net
05.10.2013 21:24 <DIR> WebApp
11.09.2014 18:35 <DIR> Winamp
04.10.2013 14:16 <DIR> WinRAR
06.05.2014 21:00 <DIR> Wise
0 File(s) 0 bytes
30 Dir(s) 269 394 325 504 bytes free

========= End of CMD: =========

EmptyTemp: => Removed 76.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 17:32:00 ====



Farbar Service Scanner Version: 17-01-2015
Ran by Corey (administrator) on 26-04-2015 at 17:38:36
Running from "C:\Users\Corey\Desktop"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

mople71

Re: Request for help

Post by mople71 » 26 Apr 2015 17:55

Great. :-)


Using the same procedure as above, apply another fixlist for FRST; its contents are:

Code:

Start
C:\ProgramData\IObit
C:\ProgramData\TuneUp Software
C:\ProgramData\RogueKiller
C:\Users\Corey\AppData\Roaming\Wise
C:\Users\Corey\AppData\Roaming\TuneUp Software
End

You don't even need to post the fixlog; the PC will not restart.


So let's get on with the cleanup:

Download DelFix: https://toolslib.net/downloads/viewdownload/2-delfix/

In it, check Remove disinfection tools and Purge system restore, and click Run.

Then please post its log.

--------------------------------------------------------------

Download SecurityCheck: http://www.bleepingcomputer.com/download/securitycheck/

Save it to the Desktop, run it as Administrator, click through the prompts and let it work. When the scan finishes, a log will pop up; please paste its contents here.

Corey

Re: Request for help

Post by Corey » 26 Apr 2015 18:09

Delfix
# DelFix v1.010 - Logfile created 26/04/2015 at 18:05:59
# Updated 26/04/2015 by Xplode
# Username : Corey - COREY-PC
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\Corey\Desktop\Addition.txt
Deleted : C:\Users\Corey\Desktop\Fixlog1.txt
Deleted : C:\Users\Corey\Desktop\Fixlog2.txt
Deleted : C:\Users\Corey\Desktop\FRST64.exe
Deleted : C:\Users\Corey\Desktop\FSS.exe
Deleted : C:\Users\Corey\Desktop\FSS.txt
Deleted : C:\Users\Corey\Desktop\JRT.exe
Deleted : C:\Users\Corey\Desktop\HijackThis.exe
Deleted : C:\Users\Corey\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Corey\Desktop\zoek.exe
Deleted : C:\Users\Corey\Downloads\adwcleaner_4.202.exe
Deleted : C:\Users\Corey\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #24 [Windows Update | 04/04/2015 06:49:30]
Deleted : RP #25 [Scheduled Checkpoint | 04/13/2015 01:33:32]
Deleted : RP #26 [Windows Update | 04/16/2015 09:17:38]
Deleted : RP #27 [Removed Lenovo Solution Center. | 04/18/2015 08:45:09]
Deleted : RP #28 [Installed DirectX | 04/22/2015 16:48:10]
Deleted : RP #29 [Removed Classic Shell | 04/25/2015 19:41:16]
Deleted : RP #31 [Restore Point Created by FRST | 04/26/2015 15:28:29]
Deleted : RP #33 [Restore Point Created by FRST | 04/26/2015 15:31:15]

New restore point created !

########## - EOF - ##########

SecurityCheck

Results of screen317's Security Check version 1.00
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Reader XI
Google Chrome (41.0.2272.118)
Google Chrome (42.0.2311.90)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

mople71

Re: Request for help

Post by mople71 » 26 Apr 2015 18:12

This is fine. How are the problems?

Corey

Re: Request for help

Post by Corey » 26 Apr 2015 18:16

So far it looks like it has been fixed, but I will only fully verify that with more frequent use and especially under load, which I don't have time for at the moment :)
I hardly put any load on the laptop while you were helping me, since I wasn't using it for anything other than following your advice.
Thank you very much for the help :)

One more small question: above you wrote to uninstall CCleaner, which I did; I'm just curious whether this program is completely useless and not worth using any more, or whether it was for some other reason :)

mople71

Re: Request for help

Post by mople71 » 26 Apr 2015 18:20

OK, try it out, and if everything is fine you can close this thread. ;)

CCleaner is unnecessary; tools for cleaning up junk are already built into the OS, and by cleaning the registry you lose support from Microsoft, see: https://support.microsoft.com/en-us/kb/2563254

Corey

Re: Request for help

Post by Corey » 26 Apr 2015 18:23

:number1: Great, thank you very much for the help; I wouldn't have known how to deal with it on my own :)

And one last annoying question and then I'll leave you alone, since that's everything :smile:
Was there a lot of junk on that PC? It's about a year and a half old and I try to keep it in order as I go, but as an ordinary user there are a lot of things I can't do, so I'd be interested to know roughly how it was doing :)

mople71

Re: Request for help

Post by mople71 » 26 Apr 2015 18:27

You're welcome!

Nothing serious, adware and a few smaller critters... ;)

To avoid adware:

1) Download programs exclusively from the vendor's website, no stahuj.cz and the like.

2) Download Unchecky: http://unchecky.com/

This program is still in an early stage of development, but even so it already protects against a lot of adware. ;)

3) Enable PUP detection in the Avast settings.

