PC-HELP.CZ

Zdravím, prosím o preventivní kontrolu, když budete mít někdo čas .

TFC jsem již použil po logu Hijack. Používám Chrome.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:07, on 22.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\LM\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Programy\Gmail Notifier\Gmail Notifier.exe
C:\Users\LM\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\LM\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\EKAG20NT.EXE
C:\PROGRA~2\Raptr\raptr_im.exe
D:\Programy\Origin\Origin.exe
D:\Stažené soubory\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [f.lux] "C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Users\LM\AppData\Local\Temp\E_S437C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\LM\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Gmail Notifier.exe] D:\Programy\Gmail Notifier\Gmail Notifier.exe /startup
O4 - Startup: Dropbox.lnk = LM\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Logitech blank Product Registration.lnk = C:\Program Files (x86)\Logitech\G35\eReg.exe
O4 - Startup: Samsung Magician.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - D:\Programy\LogMeIn Hamachi\hamachi-2.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LucidSvc - LucidLogix - C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Programy\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 14268 bytes


# AdwCleaner v4.101 - Report created 22/11/2014 at 10:16:05
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : LM - LM-PC
# Running from : C:\Users\LM\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\NCH Software
Folder Found : C:\Program Files (x86)\WinToFlash Suggestor
Folder Found : C:\ProgramData\NCH Software
Folder Found : C:\Users\LM\AppData\Local\CrashRpt
Folder Found : C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Folder Found : C:\Users\LM\AppData\Roaming\NCH Software

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Found : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Found : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Found : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.65

[C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.tip-auto.cz/?page=websearch&srchtext={searchTerms}
[C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ebay.co.uk/sch/i.html?_trksi ... +fan&_nkw={searchTerms}&_sacat=0&_from=R40
[C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

-\\ Opera v26.0.1656.24


*************************

AdwCleaner[R2].txt - [3129 octets] - [22/11/2014 10:16:05]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3189 octets] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.11.2014
Čas skenování: 10:21:28
Protokol: MBAM.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.11.22.05
Databáze rootkitů: v2014.11.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: LM

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 340890
Uplynulý čas: 3 min, 52 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 9
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}, , [07c6e35b8eeed462afa73c7e56ac659b],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}, , [07c6e35b8eeed462afa73c7e56ac659b],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{78CE34FD-F6D4-4866-B79C-A37268D06A04}, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{80904944-C726-4C7D-A452-3FFF2A882095}, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{78CE34FD-F6D4-4866-B79C-A37268D06A04}, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{80904944-C726-4C7D-A452-3FFF2A882095}, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WinToFlash Suggestor, , [26a7a698c1bbf83e8b97b881a65dbb45],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 3
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0, , [448956e83d3f82b4bd66c3763ac9659b],

Soubory: 30
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll, , [07c6e35b8eeed462afa73c7e56ac659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\AddressBarInstance.dll, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\icon.png, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\RestartIE.exe, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\SMBarBroker.exe, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\Uninstall.exe, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx, , [26a7a698c1bbf83e8b97b881a65dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\background.html, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\close-button.gif, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\config.js, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\icon-about.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\icon-contact.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\icon-homepage.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\icon-localdirectory.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\icon-options.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\inject.js, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\jquery.min.js, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\localDirectoryPopup.html, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\Logo.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\Logo128.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\Logo16.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\Logo48.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\manifest.json, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\md5.js, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\menu.css, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\menu.html, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\options.html, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\optionsPopup.html, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\share.png, , [448956e83d3f82b4bd66c3763ac9659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\sharePopup.html, , [448956e83d3f82b4bd66c3763ac9659b],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

V Mbam i adw nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

# AdwCleaner v4.101 - Report created 22/11/2014 at 11:35:20
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : LM - LM-PC
# Running from : C:\Users\LM\Desktop\Programy\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.65


-\\ Opera v26.0.1656.24


*************************

AdwCleaner[R3].txt - [3188 octets] - [22/11/2014 11:13:50]
AdwCleaner[R4].txt - [691 octets] - [22/11/2014 11:35:20]
AdwCleaner[S1].txt - [3863 octets] - [22/11/2014 11:14:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [810 octets] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.11.2014
Čas skenování: 11:36:24
Protokol: Mbam.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.11.22.05
Databáze rootkitů: v2014.11.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: LM

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 341731
Uplynulý čas: 3 min, 36 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Ultimate x64
Ran by LM on so 22.11.2014 at 11:31:43,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 22.11.2014 at 11:33:34,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RogueKiller V10.0.8.0 (x64) [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : LM [Práva správce]
Mód : Prohledat -- Datum : 11/22/2014 11:28:13

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 20 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{253178EC-42C6-480D-93BF-D006A8B585FC} | DhcpNameServer : 213.211.50.1 213.211.50.2 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{253178EC-42C6-480D-93BF-D006A8B585FC} | DhcpNameServer : 213.211.50.1 213.211.50.2 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 EVO 120GB ATA Device +++++
--- User ---
[MBR] 6e1cbbac4fdce79b754d357673701a8d
[BSP] c3d70c372c99fac63e6d5d9e9a4fcbd6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 102924 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 2b5dd762acf04da95d32d4d60be5e4ff
[BSP] 43438e7fd30420a4d26f0629eac47869 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 953869 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD5000AVDS-63U7B1 ATA Device +++++
--- User ---
[MBR] 27116db04dc866c8b54d4d9c9d171ae9
[BSP] 3cb4fef93fc223b4dbba5206337942b1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476937 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_06192014_201933.log - RKreport_SCN_06192014_192635.log - RKreport_SCN_06192014_201754.log

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller


Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

RogueKiller V10.0.8.0 (x64) [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : LM [Práva správce]
Mód : Smazat -- Datum : 11/22/2014 12:02:55

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 20 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{253178EC-42C6-480D-93BF-D006A8B585FC} | DhcpNameServer : 213.211.50.1 213.211.50.2 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{253178EC-42C6-480D-93BF-D006A8B585FC} | DhcpNameServer : 213.211.50.1 213.211.50.2 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1301124108-1507109198-2098208303-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 EVO 120GB ATA Device +++++
--- User ---
[MBR] 6e1cbbac4fdce79b754d357673701a8d
[BSP] c3d70c372c99fac63e6d5d9e9a4fcbd6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 102924 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 2b5dd762acf04da95d32d4d60be5e4ff
[BSP] 43438e7fd30420a4d26f0629eac47869 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 953869 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD5000AVDS-63U7B1 ATA Device +++++
--- User ---
[MBR] 27116db04dc866c8b54d4d9c9d171ae9
[BSP] 3cb4fef93fc223b4dbba5206337942b1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476937 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_06192014_201933.log - RKreport_SCN_06192014_192635.log - RKreport_SCN_06192014_201754.log - RKreport_SCN_11222014_112813.log
RKreport_SCN_11222014_120203.log


Zoek.exe v5.0.0.0 Updated 05-November-2014
Tool run by LM on so 22.11.2014 at 12:04:50,85.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\LM\Desktop\zoek\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.11.2014 12:05:07 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bridge Constructor Medieval deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\LM\AppData\Local\LumaEmu" deleted
"C:\ProgramData\193847656" deleted
"C:\Users\LM\AppData\Roaming\rmi" deleted

==== Chromium Look ======================

AdBlock - LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Fix ======================

C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_globaldeals.ebay.com_0.localstorage deleted successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_globaldeals.ebay.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Reset Google Chrome ======================

C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\LM\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\LM\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{945D2EB5-4F2D-4D4D-B69E-7FD0C4A0A1BD} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\LM\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=97 folders=129 245866010 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\LM\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LM\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 22.11.2014 at 12:13:14,64 ======================

Jak je na tom PC? Dodej ještě nový HJT log

Je v pohodě, on byl i předtím, jen jsem chtěl preventivní kontrolu .

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:48:39, on 22.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\LM\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Programy\Gmail Notifier\Gmail Notifier.exe
C:\Users\LM\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\LM\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\EKAG20NT.EXE
C:\PROGRA~2\Raptr\raptr_im.exe
D:\Programy\Origin\Origin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Programy\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Stažené soubory\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [f.lux] "C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Users\LM\AppData\Local\Temp\E_S437C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\LM\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Gmail Notifier.exe] D:\Programy\Gmail Notifier\Gmail Notifier.exe /startup
O4 - Startup: Dropbox.lnk = LM\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Logitech blank Product Registration.lnk = C:\Program Files (x86)\Logitech\G35\eReg.exe
O4 - Startup: Samsung Magician.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - D:\Programy\LogMeIn Hamachi\hamachi-2.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LucidSvc - LucidLogix - C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Programy\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 14549 bytes

V HJT fixni:

O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

# DelFix v10.8 - Logfile created 22/11/2014 at 22:42:23
# Updated 29/07/2014 by Xplode
# Username : LM - LM-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\LM\Desktop\hijackthis.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #371 [zoek.exe restore point | 11/22/2014 11:05:06]

New restore point created !

########## - EOF - ##########

Ok, díky moc .