Hi, please check my log; the notebook is starting to freeze, AVAST started reporting 54 problems, no virus. Thanks a lot.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:40, on 22. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Users\Kristýna\Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [Adobe Speed Launcher] 1423676937 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Adobe Speed Launcher] 1423676937 (User 'Default user')
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11419 bytes
Please check my log (Solved)
- memphisto
Re: Please check my log
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you do not need to use ATF.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
Download Malwarebytes' Anti-Malware
- During installation, clear the check box for "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; click Scan Now
- when the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the entire log here.
- then click the Exit button; a prompt appears, choose Yes
(do not delete anything yet!).
If there are problems, run it in Safe Mode.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Please check my log
Here are the logs. Thanks a lot.
# AdwCleaner v5.003 - Logfile created 24/08/2015 at 10:13:38
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Kristýna - KIKI
# Running from : C:\Users\Kristýna\Desktop\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\OCS
[!] Key Not Deleted : [x64] HKCU\Software\OCS
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [672 bytes] ##########
-------
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 24. 8. 2015
Čas skenování: 10:26
Protokol: malwarebytes.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.08.24.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Kristýna
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 390860
Uplynulý čas: 21 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)

- jaro3
- Security team member
Re: Please check my log
Uninstall:
McAfee Security Scan
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
click "Scan"; after the scan click "Clean"
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download Junkware Removal Tool by Thisisu
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan starts. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.
Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Then click "Scan".
- The program scans the PC's processes. After the scan click "Report", then in the window click "Open TXT" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log
# AdwCleaner v5.003 - Logfile created 25/08/2015 at 08:55:52
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Kristýna - KIKI
# Running from : C:\Users\Kristýna\Desktop\adwcleaner_5.003.exe
# Option : Scan
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [501 bytes] ##########
--------
# AdwCleaner v5.003 - Logfile created 25/08/2015 at 08:59:15
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Kristýna - KIKI
# Running from : C:\Users\Kristýna\Desktop\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [592 bytes] ##########
-----------------
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 8.1 x64
Ran by Kristěna on Łt 25. 08. 2015 at 9:35:56,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Users\Kristěna\AppData\Roaming\sp_data.sys
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Kristěna\AppData\Roaming\mozilla\firefox\profiles\e3s0uiy6.default\minidumps [30 files]
~~~ Chrome
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 25. 08. 2015 at 9:44:48,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------------------------------------------------------------------------------
RogueKiller V10.10.2.0 (x64) [Aug 24 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Kristýna [Práva správce]
Started from : C:\Users\Kristýna\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 08/25/2015 10:11:40
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5C64F88B-1E6A-4DC5-86CF-C18C6A3EF6CB} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{723A0E49-C38E-44AC-98CA-F2DEF394A42C} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5C64F88B-1E6A-4DC5-86CF-C18C6A3EF6CB} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{723A0E49-C38E-44AC-98CA-F2DEF394A42C} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.Proxy][FIREFX:Config] e3s0uiy6.default : user_pref("network.proxy.type", 4); -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 08012fcfb7feaed34f7fe1d7db301921
[BSP] 7921e2d6940146c3f934b6eb2508e879 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 381096 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 782796800 | Size: 450 MB
5 - Basic data partition | Offset (sectors): 783718400 | Size: 550704 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK
Thank you
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Kristýna - KIKI
# Running from : C:\Users\Kristýna\Desktop\adwcleaner_5.003.exe
# Option : Scan
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [501 bytes] ##########
--------
# AdwCleaner v5.003 - Logfile created 25/08/2015 at 08:59:15
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Kristýna - KIKI
# Running from : C:\Users\Kristýna\Desktop\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [592 bytes] ##########
-----------------
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 8.1 x64
Ran by Kristěna on Łt 25. 08. 2015 at 9:35:56,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Users\Kristěna\AppData\Roaming\sp_data.sys
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Kristěna\AppData\Roaming\mozilla\firefox\profiles\e3s0uiy6.default\minidumps [30 files]
~~~ Chrome
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Kristěna\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 25. 08. 2015 at 9:44:48,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------------------------------------------------------------------------------
RogueKiller V10.10.2.0 (x64) [Aug 24 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Kristýna [Práva správce]
Started from : C:\Users\Kristýna\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 08/25/2015 10:11:40
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5C64F88B-1E6A-4DC5-86CF-C18C6A3EF6CB} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{723A0E49-C38E-44AC-98CA-F2DEF394A42C} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5C64F88B-1E6A-4DC5-86CF-C18C6A3EF6CB} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{723A0E49-C38E-44AC-98CA-F2DEF394A42C} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.Proxy][FIREFX:Config] e3s0uiy6.default : user_pref("network.proxy.type", 4); -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 08012fcfb7feaed34f7fe1d7db301921
[BSP] 7921e2d6940146c3f934b6eb2508e879 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 381096 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 782796800 | Size: 450 MB
5 - Basic data partition | Offset (sectors): 783718400 | Size: 550704 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK
Thank you

- Orcus
- member of the Security team
Re: Please check my log
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan" ("Prohledat")
- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check the boxes).
- Click "Delete" ("Smazat")
- Wait until the Status box shows "Deletion finished" ("Mazání dokončeno")
- Click "Report" ("Zpráva") and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
====================================================
Download Zoek.exe and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 or 8, right-click it and choose "Run as administrator")
- note: the program may take a while to start.
Paste the script below into the program window:
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Click Run Script
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
====================================================
How are the problems? + a new log from HJT

Re: Please check my log
here is the first log:
RogueKiller V10.10.2.0 (x64) [Aug 24 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Kristýna [Práva správce]
Started from : C:\Users\Kristýna\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 08/25/2015 17:15:09
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2964926128-112590079-1238007661-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5C64F88B-1E6A-4DC5-86CF-C18C6A3EF6CB} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{723A0E49-C38E-44AC-98CA-F2DEF394A42C} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5C64F88B-1E6A-4DC5-86CF-C18C6A3EF6CB} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{723A0E49-C38E-44AC-98CA-F2DEF394A42C} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FIREFX:Addon] e3s0uiy6.default : Avast Online Security [wrc@avast.com] -> Smazáno
[PUM.Proxy][FIREFX:Config] e3s0uiy6.default : user_pref("network.proxy.type", 4); -> Nahrazeno (0)
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 08012fcfb7feaed34f7fe1d7db301921
[BSP] 7921e2d6940146c3f934b6eb2508e879 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 381096 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 782796800 | Size: 450 MB
5 - Basic data partition | Offset (sectors): 783718400 | Size: 550704 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK
-------
zoek.exe won't start for me at all

- memphisto
Re: Please check my log
What about safe mode?
Re: Please check my log
in the end I managed to run it, here is the log:
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Kristýna on čt 27. 08. 2015 at 10:29:43,99.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\KRISTN~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
27. 8. 2015 10:33:19 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Adobe deleted successfully
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\epson deleted successfully
C:\PROGRA~2\COMMON~1\EPSON deleted successfully
C:\Users\UpdatusUser\AppData\\LocalLow deleted successfully
C:\Users\KRISTN~1\AppData\Local\CrashDumps deleted successfully
C:\Users\KRISTN~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\KRISTN~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\KRISTN~1\AppData\Local\EmieUserList deleted successfully
C:\Users\KRISTN~1\AppData\Local\GHISLER deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\KRISTN~1\AppData\Roaming\Mozilla\Firefox\Profiles\e3s0uiy6.default\prefs.js:
Added to C:\Users\KRISTN~1\AppData\Roaming\Mozilla\Firefox\Profiles\e3s0uiy6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Adobe not found
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\epson not found
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\KRISTN~1\AppData\Roaming\Mozilla\Firefox\Profiles\e3s0uiy6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05. 08. 2015 12:17]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chromium Look ======================
Google Chrome Version: 44.0.2403.157
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21. 03. 2015 11:40]
Avast Online Security - KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Startpages ======================
C:\Users\KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
==== Reset Google Chrome ======================
C:\Users\KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\KRISTN~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\KRISTN~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\KRISTN~1\AppData\Local\Mozilla\Firefox\Profiles\e3s0uiy6.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\KRISTN~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=14 folders=15 14050756 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\KRISTN~1\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\KRISTN~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on čt 27. 08. 2015 at 11:46:53,19 ======================
- jaro3
- member of the Security team
Re: Please check my log
Post a new HJT log and report on any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
Here is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:30:47, on 27. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Users\Kristýna\Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [Adobe Speed Launcher] 1423676937 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Adobe Speed Launcher] 1423676937 (User 'Default user')
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11101 bytes
-------------------------------
The laptop is getting slower and slower, especially when it comes to the internet. When I open Task Manager, it usually shows CPU at 80 %, memory over 60 and disk at 100, without anything using it.
Thanks

- jaro3
- member of the Security team
Re: Please check my log
Download Memtest:
The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, they are fine.
Also check the HDD for errors, and possibly try defragmenting it.
Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support