PC-HELP.CZ

Ahojte, poprosil by som o kontrolu logu, ale zabudol som ako si ten log v kompe nájdem a dám ho sem.
Ku problému, raz za 3-4dni mi hodí bluescreen crash a ked sa mi potom zapne PC myška (SteelSeries Sensei) je mrtva, potom ju musím odpojit a znova napojit do portu.

Dakujem

viewtopic.php?f=70&t=5119

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

# AdwCleaner v4.101 - Report created 23/11/2014 at 11:09:09
# Updated 09/11/2014 by Xplode
# Database : 2014-11-22.1 [Live]
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Cracked_folder - B-A-S-Z
# Running from : C:\Users\Cracked_folder\Desktop\adwcleaner_4.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Cracked_folder\AppData\Roaming\LiveSupport.exe_log.txt
File Found : C:\Users\Cracked_folder\AppData\Roaming\regsvr32.exe_log.txt
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\ProgramData\eSafe
Folder Found : C:\ProgramData\WindowsProtectManger
Folder Found : C:\Users\Cracked_folder\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\Cracked_folder\AppData\Local\CrashRpt
Folder Found : C:\Users\Cracked_folder\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\Cracked_folder\AppData\Roaming\qone8
Folder Found : C:\Users\Cracked_folder\AppData\Roaming\SupTab
Folder Found : C:\Users\Cracked_folder\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b ... 1383648591
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\performersoft llc
Key Found : HKCU\Software\Popajar
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\performersoft llc
Key Found : [x64] HKCU\Software\Popajar
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\eSafeSecControl
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsProtectManger
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cmd]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}

-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.65

[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [5760 octets] - [23/11/2014 11:09:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5820 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23. 11. 2014
Scan Time: 11:13:40
Logfile: 1001.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.23.04
Rootkit Database: v2014.11.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Cracked_folder

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362285
Time Elapsed: 7 min, 51 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [121e5ae5f08c70c6cc29b30a20e2a35d],
PUP.Optional.FreeGames.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0D5F364D-D6A9-43C1-BF0C-99B378972C5B}, , [64cc80bf04788fa7ce6cdae4768c9c64],
PUP.Optional.FreeGames.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0D5F364D-D6A9-43C1-BF0C-99B378972C5B}, , [64cc80bf04788fa7ce6cdae4768c9c64],
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, , [b977ee516319e551c7f3b79d3ec557a9],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, , [bf71231c403c6fc7141e0346729129d7],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [0b25aa957606979f7ce7a0a963a0936d],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, , [cc64fe4188f40630e7853e00c142ec14],
PUP.Optional.VideoPerformer.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PERFORMERSOFT LLC\Video Performer, , [f23e3d02eb913600cdcdbd95b44fdb25],

Registry Values: 4
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, , [bf71231c403c6fc7141e0346729129d7]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, smt, , [0b25aa957606979f7ce7a0a963a0936d]
PUP.Optional.AdvertTraff.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CMD, cmd.exe /c start http://adverttraff.org && exit, , [0e22eb54087471c5c816a31100047a86]
PUP.Optional.SpeedTest, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest199@BestOffers, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, , [47e91728d3a9092d20ff55fa897afe02]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, , [e0502d12fa82191da36a7ea3748f9a66],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, , [e0502d12fa82191da36a7ea3748f9a66],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, , [e0502d12fa82191da36a7ea3748f9a66],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\skin, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.SupTab.A, C:\Users\Cracked_folder\AppData\Roaming\SupTab, , [6fc1e45b9ede06308857e44445be1fe1],
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate, , [f13fad9237459c9a306a50dc679c27d9],

Files: 64
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\wprotectmanager.exe, , [55dbd16e91eb1620a6b97d2705fcc739],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [8ba5cf7014683ef83de6ff2201ff1be5],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-02[18-27-38-810].log, , [e0502d12fa82191da36a7ea3748f9a66],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, , [e0502d12fa82191da36a7ea3748f9a66],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome.manifest, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\icon.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\install.rdf, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\background.html, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.xml, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\config.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\content.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.xul, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.ico, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.png, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\jquery-1.9.1.min.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\options.xul, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\rjs.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\settings.json, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\subscriptloader.js, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin\framework.css, , [c36d3807314bc670f5167ba8897a32ce],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome.manifest, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\icon.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\install.rdf, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\background.html, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\button.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\button.xml, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\config.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\content.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\framework.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\framework.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\framework.xul, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon128.ico, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon128.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon16.ico, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon16.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon18.ico, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon18.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon24.ico, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon24.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon32.ico, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon32.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon48.ico, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon48.png, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\jquery-1.9.1.min.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\options.xul, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\rjs.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\settings.json, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\subscriptloader.js, , [121e2a15b2ca70c611fcf231699a7b85],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\skin\framework.css, , [121e2a15b2ca70c611fcf231699a7b85],

Physical Sectors: 0
(No malicious items detected)


(end)

Vlož log z HJT:
viewtopic.php?f=70&t=5119

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

# AdwCleaner v4.101 - Report created 24/11/2014 at 16:21:33
# Updated 09/11/2014 by Xplode
# Database : 2014-11-24.1 [Live]
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Cracked_folder - B-A-S-Z
# Running from : C:\Users\Cracked_folder\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\eSafe
[!] Folder Deleted : C:\ProgramData\WindowsProtectManger
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Local\Bundled software uninstaller
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Local\CrashRpt
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Roaming\PerformerSoft
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Roaming\qone8
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Roaming\SupTab
[!] Folder Deleted : C:\Users\Cracked_folder\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Cracked_folder\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Cracked_folder\AppData\Roaming\regsvr32.exe_log.txt

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Any.do.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cmd]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\eSafeSecControl
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsProtectManger
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.65

[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

-\\ Chromium v

[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

*************************

AdwCleaner[R0].txt - [5944 octets] - [23/11/2014 11:09:09]
AdwCleaner[R1].txt - [5838 octets] - [24/11/2014 16:14:39]
AdwCleaner[S0].txt - [6525 octets] - [24/11/2014 16:21:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6585 octets] ##########

"Dost krátko to išlo,,,,"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Ultimate x64
Ran by Cracked_folder on po 24. 11. 2014 at 16:53:52,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 24. 11. 2014 at 16:55:19,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 24. 11. 2014
Scan Time: 17:00:25
Logfile: mbam log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.24.06
Rootkit Database: v2014.11.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Cracked_folder

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362512
Time Elapsed: 7 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.FreeGames.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0D5F364D-D6A9-43C1-BF0C-99B378972C5B}, Quarantined, [35611926fb8111258eabd1eed72b56aa],
PUP.Optional.FreeGames.A, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0D5F364D-D6A9-43C1-BF0C-99B378972C5B}, Quarantined, [35611926fb8111258eabd1eed72b56aa],

Registry Values: 1
PUP.Optional.SpeedTest, HKU\S-1-5-21-1784857820-3523498442-507972197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest199@BestOffers, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, Quarantined, [692de15e9ae245f11b5479d7699a3fc1]

Registry Data: 0
(No malicious items detected)

Folders: 9
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, Delete-on-Reboot, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome, Delete-on-Reboot, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers, Delete-on-Reboot, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome, Delete-on-Reboot, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\skin, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate, Quarantined, [d1c574cb89f330063862a28bec1717e9],

Files: 60
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome.manifest, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\icon.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\install.rdf, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\background.html, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.xml, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\config.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\content.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.xul, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.ico, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.png, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\jquery-1.9.1.min.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\options.xul, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\rjs.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\settings.json, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\subscriptloader.js, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.SpeedTest.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin\framework.css, Quarantined, [6f2790af2458cc6a23e89d8738cbbd43],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome.manifest, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\icon.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\install.rdf, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\background.html, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\button.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\button.xml, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\config.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\content.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\framework.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\framework.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\framework.xul, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon128.ico, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon128.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon16.ico, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon16.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon18.ico, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon18.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon24.ico, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon24.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon32.ico, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon32.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon48.ico, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\icon48.png, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\jquery-1.9.1.min.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\options.xul, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\rjs.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\settings.json, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\content\subscriptloader.js, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],
PUP.Optional.FreeGames.A, C:\Users\Cracked_folder\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers\chrome\skin\framework.css, Quarantined, [aaecd06fccb0e84e51bc55cf6a9933cd],

Physical Sectors: 0
(No malicious items detected)


(end)

RogueKiller V10.0.8.0 (x64) [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Cracked_folder [Administrator]
Mode : Scan -- Date : 11/24/2014 17:53:27

¤¤¤ Processes : 2 ¤¤¤
[Suspicious.Path] MEGAsync.exe -- C:\Users\Cracked_folder\AppData\Local\MEGAsync\MEGAsync.exe[-] -> Killed [TermProc]
[Suspicious.Path] explorer.exe -- C:\Users\Cracked_folder\AppData\Local\MEGAsync\ShellExtX64.dll[-] -> Unloaded

¤¤¤ Registry : 13 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} -> Found
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -> Found
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} -> Found
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO (\??\C:\Users\CRACKE~1\AppData\Local\Temp\ALSysIO64.sys) -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\Users\CRACKE~1\AppData\Local\Temp\ALSysIO64.sys) -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO (\??\C:\Users\CRACKE~1\AppData\Local\Temp\ALSysIO64.sys) -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[Suspicious.Path][File] MEGAsync.lnk -- C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [LNK@] C:\Users\CRACKE~1\AppData\Local\MEGAsync\MEGAsync.exe -> Found

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA ST1000DM003-1CH1 SCSI Disk Device +++++
--- User ---
[MBR] 19b1f35a2c6aa20e8b9f3d0ea4816cd3
[BSP] 64fcb7b3e63aea0a9a82e00c1fc5f7b1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Samsung G3 Station USB Device +++++
--- User ---
[MBR] 5eb5fe2e60700db79b268412e702c829
[BSP] 4676fcf32a02f59e857c2384624d9810 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 16 | Size: 1400532 MB
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): -1426676816 | Size: 30266 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:


- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

tem log z HJT sem dáš????????,

Prepáč vždy to bolo najvačším napísané ale ja som si toho nevšimol, sry.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:59:54, on 25. 11. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\KYE\WideCam F100\Genius_Utility.exe
C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Cracked_folder\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BMISR] C:\Program Files (x86)\KYE\WideCam F100\Genius_Utility.exe
O4 - HKLM\..\Run: [YouCam Service6] "C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe" /s
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Cracked_folder\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\39.0.2171.46\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\39.0.2171.46\remoting_host.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11395 bytes

RogueKiller V10.0.8.0 (x64) [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Cracked_folder [Administrator]
Mode : Delete -- Date : 11/25/2014 17:31:36

¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] explorer.exe -- C:\Users\Cracked_folder\AppData\Local\MEGAsync\ShellExtX64.dll[-] -> Unloaded

¤¤¤ Registry : 7 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO -> Deleted
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Replaced (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Replaced (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Replaced (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Replaced (0)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 3 ¤¤¤
[IE:Addon] System : Google Toolbar [{2318C2B1-4965-11d4-9B18-009027A5CD4F}] -> Deleted
[FIREFX:Addon] bmqjouky.default : Speed Test [speedtest199@BestOffers] -> Deleted
[FIREFX:Addon] bmqjouky.default : Free Games [freegames197@BestOffers] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA ST1000DM003-1CH1 SCSI Disk Device +++++
--- User ---
[MBR] 19b1f35a2c6aa20e8b9f3d0ea4816cd3
[BSP] 64fcb7b3e63aea0a9a82e00c1fc5f7b1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_11242014_175405.log - RKreport_DEL_11252014_172538.log - RKreport_DEL_11252014_172544.log - RKreport_DEL_11252014_172546.log
RKreport_DEL_11252014_172547.log - RKreport_DEL_11252014_172645.log - RKreport_DEL_11252014_172654.log - RKreport_DEL_11252014_172657.log
RKreport_SCN_11242014_175327.log - RKreport_SCN_11252014_172531.log - RKreport_SCN_11252014_173027.log