PC-HELP.CZ

Log k tomuto příspěvku: http://www.pc-help.cz/viewtopic.php?f=95&t=134012&p=1055144#p1055144
LOG: http://leteckaposta.cz/162982576

Vlož sem!

+
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

AdwCleaner: # AdwCleaner v3.212 - Report created 12/06/2014 at 07:07:15
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Michal - MIXA
# Running from : C:\Users\Michal\Desktop\PC Fix\adwcleaner_3.212.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Found : C:\WINDOWS\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\Program Files (x86)\save neet
Folder Found : C:\Program Files (x86)\SmartTweak
Folder Found : C:\Program Files (x86)\SW-Booster
Folder Found : C:\Program Files (x86)\YoutubeAdblocker
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\DealiExprress
Folder Found : C:\ProgramData\Happy2Save
Folder Found : C:\ProgramData\Happy2Save
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\RandomPricee
Folder Found : C:\ProgramData\RegClean
Folder Found : C:\ProgramData\save neet
Folder Found : C:\ProgramData\YoutubeAdblocker
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnkkjaiincaecmknmeggcapmcekmehfk
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbfhheikchmfedlmipcfhkmdpniecba
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnkkjaiincaecmknmeggcapmcekmehfk
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbfhheikchmfedlmipcfhkmdpniecba
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\Michal\AppData\Local\AppsHat Mobile Apps
Folder Found : C:\Users\Michal\AppData\Local\Conduit
Folder Found : C:\Users\Michal\AppData\Local\FilesFrog Update Checker
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\phoamlenfpfjffaghkaknhkonhhgpecc
Folder Found : C:\Users\Michal\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Michal\AppData\Local\torch
Folder Found : C:\Users\Michal\AppData\LocalLow\Conduit
Folder Found : C:\Users\Michal\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Users\Michal\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Michal\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnkkjaiincaecmknmeggcapmcekmehfk
Folder Found : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbfhheikchmfedlmipcfhkmdpniecba
Folder Found : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Folder Found : C:\Users\UpdatusUser\AppData\Local\torch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sw-boo~1\assist~1.dll
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\ba4c12bee3027d94da5c81db2d196bfd
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\smarttweak
Key Found : HKCU\Software\Somoto
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\smarttweak
Key Found : [x64] HKCU\Software\Somoto
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\DiealExxpress.DiealExxpress
Key Found : HKLM\SOFTWARE\Classes\DiealExxpress.DiealExxpress.2.1
Key Found : HKLM\SOFTWARE\Classes\Happy2eSave.Happy2eSave
Key Found : HKLM\SOFTWARE\Classes\Happy2eSave.Happy2eSave.2.5
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\RaundomuPPrice.RaundomuPPrice
Key Found : HKLM\SOFTWARE\Classes\RaundomuPPrice.RaundomuPPrice.6.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{880E0564-288A-4A94-3168-049BF35F89E7}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
Found [Extension] : phoamlenfpfjffaghkaknhkonhhgpecc

*************************

AdwCleaner[R0].txt - [8973 octets] - [12/06/2014 07:07:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9033 octets] ##########

Malwayrebytes Anti-Malware: Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12. 6. 2014
Čas skenování: 7:14:44
Protokol:
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.06.12.04
Databáze rootkitů: v2014.06.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Michal

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 317270
Uplynulý čas: 14 min, 14 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 40
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{880E0564-288A-4A94-3168-049BF35F89E7}, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{880E0564-288A-4A94-3168-049BF35F89E7}, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DiealExxpress.DiealExxpress, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DiealExxpress.DiealExxpress.2.1, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DiealExxpress.DiealExxpress, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DiealExxpress.DiealExxpress.2.1, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{880E0564-288A-4A94-3168-049BF35F89E7}, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{880E0564-288A-4A94-3168-049BF35F89E7}, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}\INPROCSERVER32, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{87FC1A03-FFED-0139-6947-49954D86ABD8}, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{87FC1A03-FFED-0139-6947-49954D86ABD8}, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\Happy2eSave.Happy2eSave, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\Happy2eSave.Happy2eSave.2.5, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Happy2eSave.Happy2eSave, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Happy2eSave.Happy2eSave.2.5, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{87FC1A03-FFED-0139-6947-49954D86ABD8}, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{87FC1A03-FFED-0139-6947-49954D86ABD8}, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}\INPROCSERVER32, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{25F259ED-12F6-429F-5783-527C3E2F8586}, , [95ff2c4b780357df848180cd0bf64eb2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E957849A-94AC-6F46-4623-C31474E3C170}, , [573d581f017abc7a9570a7a604fd9868],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\RaundomuPPrice.RaundomuPPrice, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\RaundomuPPrice.RaundomuPPrice.6.1, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\RaundomuPPrice.RaundomuPPrice, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\RaundomuPPrice.RaundomuPPrice.6.1, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.Somoto.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, , [b6defe79fc7f2016e9ede12c7e8341bf],
PUP.Optional.SpeedupmyComputer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SpeedUpMyComputer, , [f89c3344b7c4a096cac7edd1d32f639d],
PUP.Optional.AppsHat.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat Mini, , [286c3d3a057664d227d333841ee44eb2],
Trojan.MSIL, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ba4c12bee3027d94da5c81db2d196bfd, , [d2c298df4e2d1a1c1d4ed1e34eb5d62a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [4a4abbbca7d476c0fc7eeff96a996f91],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [cec69ddaff7c88ae90cf5a5e23df06fa],
PUP.Optional.Somoto.A, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, , [781cb7c0fb8072c4e5d15d7bbd4608f8],
PUP.Optional.YoutubeAdblocker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, , [7420690e98e388aeb919e7a3e61c1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7DD5E91C-3864-77EC-7635-D14910C2A03E}, , [b4e0086f4b30171f5fe51681a95926da],

Hodnoty registru: 3
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SDP, C:\Users\Michal\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto , , [860e5a1d02794aec99829c87b44cc13f]
PUP.Optional.Somoto.A, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, fvdsuiteffoi, , [781cb7c0fb8072c4e5d15d7bbd4608f8]
PUP.Optional.SpeedupmyComputer, HKU\S-1-5-21-1313876091-814491649-3755116655-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SpeedUpMyComputer, C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as, , [9202a4d3b1ca84b261284c3c0200e11f]

Data registru: 0
(No malicious items detected)

Složky: 12
Adware.InstallBrain, C:\ProgramData\IBUpdaterService, , [95ff1067d3a8d66024b2edc0c04332ce],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy, , [cbc9a8cfc0bba98d832ab7cf03ff3dc3],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\9B88EB62B32D4052A1237DE7C40D75E8, , [cbc9a8cfc0bba98d832ab7cf03ff3dc3],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\AC734EBB701841B0AF547E3592AD6E1B, , [cbc9a8cfc0bba98d832ab7cf03ff3dc3],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\OpenCandy_AC734EBB701841B0AF547E3592AD6E1B, , [cbc9a8cfc0bba98d832ab7cf03ff3dc3],
PUP.Optional.FilesFrog.A, C:\Users\Michal\AppData\Local\FilesFrog Update Checker, , [c0d434437605ec4a887c9fe8837f956b],
PUP.Optional.FilesFrog.A, C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, , [464e8deaf982a78f9f668afd36ccb54b],
PUP.Optional.SpeedupmyComputer, C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer, , [9202a4d3b1ca84b261284c3c0200e11f],
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker, , [d6be4b2c611a1e180dc389ff1de536ca],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [7420690e98e388aeb919e7a3e61c1fe1],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save neet, , [6e263245f3885dd93211c1d6689ae818],
PUP.Optional.MultiPlug.A, C:\ProgramData\save neet, , [b4e0086f4b30171f5fe51681a95926da],

Soubory: 23
PUP.Optional.FilesFrog.A, C:\Users\Michal\AppData\Local\FilesFrog Update Checker\update_checker.exe, , [860e5a1d02794aec99829c87b44cc13f],
PUP.Optional.MultiPlug.A, C:\ProgramData\DealiExprress\wBXeRho.x64.dll, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, C:\ProgramData\DealiExprress\wBXeRho.dll, , [890b96e156255bdb14f11e2f758cf30d],
PUP.Optional.MultiPlug.A, C:\ProgramData\Happy2Save\YE2cRU6Uzw.x64.dll, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, C:\ProgramData\Happy2Save\YE2cRU6Uzw.dll, , [692b1265b7c4a492828353fa1ee32bd5],
PUP.Optional.MultiPlug.A, C:\ProgramData\DealiExprress\wBXeRho.exe, , [95ff2c4b780357df848180cd0bf64eb2],
PUP.Optional.MultiPlug.A, C:\ProgramData\Happy2Save\YE2cRU6Uzw.exe, , [573d581f017abc7a9570a7a604fd9868],
PUP.Optional.MultiPlug.A, C:\ProgramData\RandomPricee\obHzGJm02.dll, , [c3d15e193b40d56129dcb49906fbbb45],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [088c0077daa12f07c01ce838728e24dc],
PUP.Optional.Somoto.A, C:\Users\Michal\AppData\Local\AppsHat Mobile Apps\Uninstall.exe, , [9df7c8afc0bbfe38171735edc8383ac6],
PUP.Optional.Somoto.A, C:\Users\Michal\AppData\Local\FilesFrog Update Checker\uninstall.exe, , [b6defe79fc7f2016e9ede12c7e8341bf],
Adware.InstallBrain, C:\ProgramData\IBUpdaterService\repository.xml, , [95ff1067d3a8d66024b2edc0c04332ce],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\9B88EB62B32D4052A1237DE7C40D75E8\AVG-PC-TuneUp2014.exe, , [cbc9a8cfc0bba98d832ab7cf03ff3dc3],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\AC734EBB701841B0AF547E3592AD6E1B\TuneUpUtilities2013_2200329_cs-CZ.exe, , [cbc9a8cfc0bba98d832ab7cf03ff3dc3],
PUP.Optional.FilesFrog.A, C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk, , [464e8deaf982a78f9f668afd36ccb54b],
PUP.Optional.FilesFrog.A, C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, , [464e8deaf982a78f9f668afd36ccb54b],
PUP.Optional.SpeedupmyComputer, C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe, , [9202a4d3b1ca84b261284c3c0200e11f],
PUP.Optional.SpeedupmyComputer, C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.url, , [9202a4d3b1ca84b261284c3c0200e11f],
PUP.Optional.SpeedupmyComputer, C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\uninst.exe, , [9202a4d3b1ca84b261284c3c0200e11f],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\xJC4QQ.dat, , [7420690e98e388aeb919e7a3e61c1fe1],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\xJC4QQ.exe, , [7420690e98e388aeb919e7a3e61c1fe1],
PUP.Optional.MultiPlug.A, C:\ProgramData\save neet\UDgjy7YL.dat, , [b4e0086f4b30171f5fe51681a95926da],
PUP.Optional.MultiPlug.A, C:\ProgramData\save neet\UDgjy7YL.exe, , [b4e0086f4b30171f5fe51681a95926da],

Fyzické sektory: 0
(No malicious items detected)


(end)

Vlož log z HJT:
viewtopic.php?f=70&t=5119

+
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

+
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

+
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:01:32, on 12. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Michal\Desktop\PC Fix\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RandomPricee - {23A2C277-D659-1BBE-F3D8-4D3621F1283D} - C:\ProgramData\RandomPricee\obHzGJm02.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Happy2Save - {87FC1A03-FFED-0139-6947-49954D86ABD8} - C:\ProgramData\Happy2Save\YE2cRU6Uzw.dll
O2 - BHO: DealiExprress - {880E0564-288A-4A94-3168-049BF35F89E7} - C:\ProgramData\DealiExprress\wBXeRho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SDP] C:\Users\Michal\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
O4 - HKCU\..\Run: [UpdateMyDrivers] C:\Program Files (x86)\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: TotalMedia Server.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\sw-boo~1\assist~1.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch TotalMedia Theatre 6 Driver - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11791 bytes

AdwCleaner:
# AdwCleaner v3.212 - Report created 12/06/2014 at 16:04:00
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Michal - MIXA
# Running from : C:\Users\Michal\Desktop\PC Fix\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Happy2Save
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\DealiExprress
Folder Deleted : C:\ProgramData\RandomPricee
Folder Deleted : C:\ProgramData\save neet
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\SW-Booster
Folder Deleted : C:\Program Files (x86)\save neet
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Michal\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\Michal\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Michal\AppData\Local\Conduit
Folder Deleted : C:\Users\Michal\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Michal\AppData\Local\torch
Folder Deleted : C:\Users\Michal\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Michal\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Michal\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Michal\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnkkjaiincaecmknmeggcapmcekmehfk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnkkjaiincaecmknmeggcapmcekmehfk
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnkkjaiincaecmknmeggcapmcekmehfk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbfhheikchmfedlmipcfhkmdpniecba
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbfhheikchmfedlmipcfhkmdpniecba
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbfhheikchmfedlmipcfhkmdpniecba
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKLM\SOFTWARE\Classes\RaundomuPPrice.RaundomuPPrice
Key Deleted : HKLM\SOFTWARE\Classes\RaundomuPPrice.RaundomuPPrice.6.1
Key Deleted : HKLM\SOFTWARE\Classes\Happy2eSave.Happy2eSave
Key Deleted : HKLM\SOFTWARE\Classes\Happy2eSave.Happy2eSave.2.5
Key Deleted : HKLM\SOFTWARE\Classes\DiealExxpress.DiealExxpress
Key Deleted : HKLM\SOFTWARE\Classes\DiealExxpress.DiealExxpress.2.1
Key Deleted : HKCU\Software\ba4c12bee3027d94da5c81db2d196bfd
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23A2C277-D659-1BBE-F3D8-4D3621F1283D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87FC1A03-FFED-0139-6947-49954D86ABD8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{880E0564-288A-4A94-3168-049BF35F89E7}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sw-boo~1\assist~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda

*************************

AdwCleaner[R0].txt - [9165 octets] - [12/06/2014 07:07:15]
AdwCleaner[R1].txt - [9049 octets] - [12/06/2014 16:02:33]
AdwCleaner[S0].txt - [8625 octets] - [12/06/2014 16:04:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8685 octets] ##########

JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Michal on źt 12. 06. 2014 at 16:37:15,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2765FF17-D1F7-4C8F-B1BD-E14F53BDB715}



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 12. 06. 2014 at 16:42:03,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MbAM:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12. 6. 2014
Čas skenování: 16:44:54
Protokol: MbAM.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.06.12.06
Databáze rootkitů: v2014.06.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Michal

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 316461
Uplynulý čas: 11 min, 15 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 1
PUP.Optional.AppsHat.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat Mini, Do karantény, [a6f07cfb136851e5734cb9ff0200e21e],

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

RogueKiller:
RogueKiller V9.0.2.0 (x64) [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Michal [Práva správce]
Mód : Kontrola -- Datum : 06/12/2014 17:04:44

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 4 ¤¤¤
[Suspicious.Path] \\{6647D0FE-CC63-4D43-9316-0BDCDDD57E6F} -- C:\windows\system32\pcalua.exe (-a C:\Users\Michal\Desktop\Counter-Strike-1-6_1.6.exe -d C:\Users\Michal\Desktop) -> NALEZENO
[Suspicious.Path] \\{8D0721EE-7CBE-4293-8286-4C3F03BE25F6} -- C:\WINDOWS\system32\pcalua.exe (-a C:\Users\Michal\AppData\Local\WebPlayer\uninstall.exe -c _?=C:\Users\Michal\AppData\Local\WebPlayer\FLV Player) -> NALEZENO
[Suspicious.Path] \\{AA0E25D5-25D3-4793-8209-7FADBBB9AF59} -- C:\windows\system32\pcalua.exe (-a C:\Users\Michal\Downloads\counter-strike-1-6.exe -d C:\Users\Michal\Downloads) -> NALEZENO
[Suspicious.Path] \\{D3F10F7D-E908-4277-90F3-CF6B624B1130} -- C:\windows\system32\pcalua.exe (-a "C:\Users\Michal\Downloads\counter-strike-1-6 (1).exe" -d C:\Users\Michal\Downloads) -> NALEZENO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 4 ¤¤¤
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllCanUnloadNow : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e2350
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllGetClassObject : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e2130
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllRegisterServer : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e1f70
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllUnregisterServer : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e2060

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 3c0042f52d976f711c25b5698696658e
[BSP] 283d771199716ccd3e57703564c7d71b : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

RogueKiller:
RogueKiller V9.0.2.0 (x64) [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Michal [Práva správce]
Mód : Odebrat -- Datum : 06/12/2014 17:26:16

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1313876091-814491649-3755116655-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 4 ¤¤¤
[Suspicious.Path] \\{6647D0FE-CC63-4D43-9316-0BDCDDD57E6F} -- C:\windows\system32\pcalua.exe (-a C:\Users\Michal\Desktop\Counter-Strike-1-6_1.6.exe -d C:\Users\Michal\Desktop) -> VYMAZÁNO
[Suspicious.Path] \\{8D0721EE-7CBE-4293-8286-4C3F03BE25F6} -- C:\WINDOWS\system32\pcalua.exe (-a C:\Users\Michal\AppData\Local\WebPlayer\uninstall.exe -c _?=C:\Users\Michal\AppData\Local\WebPlayer\FLV Player) -> VYMAZÁNO
[Suspicious.Path] \\{AA0E25D5-25D3-4793-8209-7FADBBB9AF59} -- C:\windows\system32\pcalua.exe (-a C:\Users\Michal\Downloads\counter-strike-1-6.exe -d C:\Users\Michal\Downloads) -> VYMAZÁNO
[Suspicious.Path] \\{D3F10F7D-E908-4277-90F3-CF6B624B1130} -- C:\windows\system32\pcalua.exe (-a "C:\Users\Michal\Downloads\counter-strike-1-6 (1).exe" -d C:\Users\Michal\Downloads) -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 4 ¤¤¤
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllCanUnloadNow : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e2350
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllGetClassObject : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e2130
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllRegisterServer : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e1f70
[EAT:Addr] (explorer.exe) WSCAPI.dll - DllUnregisterServer : C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0x7ff9fb1e2060

¤¤¤ Webové prohlížeče : 6 ¤¤¤
[CHROME:Addon] Default : Google Drive [apdfllckaahabafndbhieahigkjlhalf] -> VYMAZÁNO
[CHROME:Addon] Default : YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo] -> ERROR [2]
[CHROME:Addon] Default : Google Search [coobgpohoikkiipiblmjeljniedjpjpf] -> ERROR [2]
[CHROME:Addon] Default : FVD Downloader [lfmhcpmkbdkbgbmkjoiopeeegenkdikp] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
[CHROME:Addon] Default : Gmail [pjkljhegncpnkpknbcohdijeoejaedia] -> ERROR [2]

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 3c0042f52d976f711c25b5698696658e
[BSP] 283d771199716ccd3e57703564c7d71b : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06122014_170444.log - RKreport_SCN_06122014_172440.log