PC-HELP.CZ

Zdravím prosím zkontroluje to někdo ? Děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:21, on 31.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kain\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0535C0B7-0A06-449A-A112-6F2E5C624A17}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F02AB7F-49AA-449C-92BF-1C4A55E69432}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS1\Services\Tcpip\..\{0535C0B7-0A06-449A-A112-6F2E5C624A17}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0535C0B7-0A06-449A-A112-6F2E5C624A17}: NameServer = 199.203.131.145,82.163.143.167
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9710 bytes

Odinstaluj McAfee

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Ten log je tak dlouhej že sem nejde ani dát...... :/

http://txs.io/BEGb

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 4.9.2015
Čas skenování: 19:39
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.04.06
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Kain

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 344679
Uplynulý čas: 25 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 1
PUP.Optional.MultiPlug, C:\Program Files (x86)\ProcessSystem\ProcessSystem.dll, , [eef8e645d2b944f2d9baad0712ef837d],

Klíče registru: 19
PUP.Optional.SearchApp, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, , [d016e9428b006dc90e707c2ecd37ae52],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[8da6], , [8462ae7d65262412c4602877897b1be5],
PUP.Optional.Superclean, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Superclean, , [d511101b6e1dc96d9a234071a95b09f7],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [994d84a7addee353728c224b0afa03fd],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, , [9452bf6c69225ed8ca3a82a2c83b916f],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [509646e579122c0a5102fb99c73d35cb],
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [21c538f3a7e4a88e3b321913f40f768a],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [a44239f21675a294c9ce1e9a31d3837d],
PUP.Optional.SearchApp, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, , [df07a487fe8d96a07509b1f99f651ee2],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [38ae1e0d42498fa7bf9ee8ac70942fd1],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [07df71bae1aae452d98530641ee6ad53],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [2abcee3d553682b49e0b5ad29e651ee2],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [38aeb873bad105312369b206d82caf51],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{6d75c4f6}, , [9b4bb477c4c7aa8cf03b722ddb29e51b],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [ce181c0f2d5ebc7a21dd2548749055ab],
PUP.Optional.HomeTab, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\HomeTab, , [c52142e9c8c355e126616b27dd279a66],
PUP.Optional.SearchProtect, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SearchProtectWS, , [eff7fc2f9af10234032cdbd05ba9e51b],
PUP.Optional.Wajam, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\WajIntEnhance, , [f1f59794dead7abc087037819b6944bc],
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SUPER OPTIMIZER, , [38ae75b6c0cb77bf8e54b7fa7b891ce4],

Hodnoty registru: 4
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [994d84a7addee353728c224b0afa03fd]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [ce181c0f2d5ebc7a21dd2548749055ab]
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SUPER OPTIMIZER|SetupName, C:\Users\Kain\AppData\Local\Temp\3dc44dbd\246139.ftf, , [38ae75b6c0cb77bf8e54b7fa7b891ce4]
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SUPER OPTIMIZER|AdsBuyNowURL, http://supc.superpctools.revenuewire.ne ... B26D92486A, , [588ef734f19a2c0aedf4bff26d97d927]

Data registru: 10
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[697d73b853386cca876d0650c83d60a0]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ),,[a145e04b6c1f8da94da70b4bcf360df3]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[578fdb506e1dbe78ab491c3a887d2ad6]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[45a1ed3ea4e7d066a8e3e878e02524dc]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[f9ed5ccfccbfbd7915dfef67b94cc53b]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ),,[18cee14ae9a2b680cc28b79fac59cf31]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[499d0526acdfed491cd84b0b15f0738d]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[c52146e5107b6acc5239c29e54b1619f]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0535C0B7-0A06-449A-A112-6F2E5C624A17}|NameServer, 199.203.131.145,82.163.143.167, Dobré: (), Špatné: (199.203.131.145,82.163.143.167),,[658176b50b8022147bd392d32bdab749]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6F02AB7F-49AA-449C-92BF-1C4A55E69432}|NameServer, 199.203.131.145,82.163.143.167, Dobré: (), Špatné: (199.203.131.145,82.163.143.167),,[3da9f43798f330061e304d1814f1aa56]

Složky: 4
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja, , [4a9c37f4008ba492e9b5b7b49173da26],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15548870016514871454, , [24c22ffc276493a3815cd59b64a039c7],
PUP.Optional.SuperOptimizer, C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}, , [d6100f1ca8e37cba1bbdb9f845bf4db3],
PUP.Optional.SuperOptimizer, C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}, , [c4220a214843a78fba1e634ef014f30d],

Soubory: 23
PUP.Optional.MultiPlug, C:\Program Files (x86)\ProcessSystem\ProcessSystem.dll, , [eef8e645d2b944f2d9baad0712ef837d],
PUP.Optional.SuperOptimizer, C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}\hqghumeaylnlf.exe, , [c81e4fdcfd8e0d29698c2a940af72bd5],
PUP.Optional.MultiPlug, C:\ProgramData\{7b21df17-3f8f-0b3f-7b21-1df173f87c5c}\MS Office 2010 Crack Product Serial Key.exe, , [bf2748e392f9fe38e62d73ec40c1fa06],
PUP.Optional.SuperOptimizer, C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}\hqghumeaylnlf.exe, , [5591d9523c4f76c0b63f8d3138c946ba],
PUP.Optional.MultiPlug, C:\Users\Kain\Downloads\MS Office 2010 Crack Product Serial Key.exe, , [ac3ab57648435fd772a1253a01004cb4],
PUP.Optional.SofTonic, C:\Users\Kain\Downloads\SoftonicDownloader_for_microsoft-powerpoint.exe, , [f3f346e55d2ede58695b272e946c34cc],
PUP.Optional.InstallCore, C:\Users\Kain\Downloads\Malavida_Download_Manager.exe, , [0dd9f13a206b1c1aa37c6e28e520e020],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\lsdb.js, , [4a9c37f4008ba492e9b5b7b49173da26],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\background.html, , [4a9c37f4008ba492e9b5b7b49173da26],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\content.js, , [4a9c37f4008ba492e9b5b7b49173da26],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\manifest.json, , [4a9c37f4008ba492e9b5b7b49173da26],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\u3.js, , [4a9c37f4008ba492e9b5b7b49173da26],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15548870016514871454\cd5b15e575e1c3d02b3b1d83d9d22e71.ini, , [24c22ffc276493a3815cd59b64a039c7],
PUP.Optional.MultiPlug, C:\windows\System32\Tasks\Bidaily Synchronize Task[8da6], , [ba2c24076d1eae88f91af5aa26deda26],
PUP.Optional.MultiPlug, C:\windows\Tasks\Bidaily Synchronize Task[8da6].job, , [bc2a83a8761579bd86958f10c53f9a66],
PUP.Optional.Superclean, C:\windows\System32\Tasks\Superclean, , [08def9326a21fd39605b2988bf45f60a],
PUP.Optional.Superclean, C:\windows\Tasks\Superclean.job, , [2bbb39f25a318aac942821909b69e917],
PUP.Optional.SuperOptimizer, C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}\hqghumeaylnlf.dat, , [d6100f1ca8e37cba1bbdb9f845bf4db3],
PUP.Optional.SuperOptimizer, C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}\9c4c2a771bf4295a, , [d6100f1ca8e37cba1bbdb9f845bf4db3],
PUP.Optional.SuperOptimizer, C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}\abecfc8ee284220a, , [d6100f1ca8e37cba1bbdb9f845bf4db3],
PUP.Optional.SuperOptimizer, C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}\hqghumeaylnlf.dat, , [c4220a214843a78fba1e634ef014f30d],
PUP.Optional.SuperOptimizer, C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}\53ff5484250b5cc1, , [c4220a214843a78fba1e634ef014f30d],
PUP.Optional.SuperOptimizer, C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}\9e02f2d102dfbb15, , [c4220a214843a78fba1e634ef014f30d],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ , v okně na pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Junkware Removal Tool by Thisisu .... 404 not found

AdwCleaer prostě nedělá žádnej log nejde to vyhledat ani vložit sem... nic se neukáže .... není to ani v ntb.

Junkware Removal Tool stáhni zde.

Ohledně AdwCleaner, po ukončení kontroly klikni na tlačítko LogFile. Jinak na systémovém disku se ti vytvořila složka AdwCleaner a tam by měl být log ve tvaru např. AdwCleaner[S3].txt nebo AdwCleaner[R3].txt

Aha...mě se furt stahuje nějaká sračka jménem REIMAGE a nepustí mě to stáhnout ten AdwCleaner. Až po 20 minutách se mi stáhl. Spustím to znovu a projedu to.

Jo sorry moje chyba. Už to maká.

# AdwCleaner v5.004 - Logfile created 06/09/2015 at 17:18:44
# Updated 26/08/2015 by Xplode
# Database : 2015-09-04.4 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kain - KOUDELKA-PC
# Running from : C:\Users\Kain\Downloads\adwcleaner_5.004.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : ReimageRealTimeProtector
Service Found : 6d75c4f6

***** [ Folders ] *****

Folder Found : C:\rei
Folder Found : C:\Program Files\Reimage
Folder Found : C:\Program Files (x86)\ProcessSystem
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\15548870016514871454
Folder Found : C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}
Folder Found : C:\ProgramData\{7b21df17-3f8f-0b3f-7b21-1df173f87c5c}
Folder Found : C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}
Folder Found : C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair

***** [ Files ] *****

File Found : C:\Users\Kain\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Kain\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\Kain\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Kain\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\windows\Reimage.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : Reimage Reminder
Task Found : ReimageUpdater
Task Found : Superclean

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Key Found : HKLM\SOFTWARE\856c6b13-7421-cc68-79f0-5ff70d6dd0b5
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{6d75c4f6}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DD1CFE82-CC89-497D-9573-B8B1867DDA09}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\HomeTab
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\Super Optimizer
Key Found : HKCU\Software\WajIntEnhance
Key Found : HKCU\Software\SearchProtectWS
Key Found : HKCU\Software\Kromtech
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\WajIntEnhance
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\HomeTab
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Reimage
Key Found : [x64] HKCU\Software\Super Optimizer
Key Found : [x64] HKCU\Software\WajIntEnhance
Key Found : [x64] HKCU\Software\SearchProtectWS
Key Found : [x64] HKCU\Software\Kromtech
Key Found : [x64] HKLM\SOFTWARE\Reimage
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}

***** [ Web browsers ] *****

[C:\Users\Kain\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.mystartsearch.com/webfavicon.ico

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6423 bytes] ##########

Další ----

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by Kain on ne 06.09.2015 at 17:32:44,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] 6d75c4f6 [Reboot required]
Successfully deleted: [Service] reimagerealtimeprotector [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\windows\system32\tasks\Bidaily Synchronize Task[8da6]
Successfully deleted: [Task] C:\windows\system32\tasks\Reimage Reminder
Successfully deleted: [Task] C:\windows\system32\tasks\ReimageUpdater
Successfully deleted: [Task] C:\windows\system32\tasks\Superclean
Successfully deleted: [Task] C:\windows\Tasks\Bidaily Synchronize Task[8da6].job
Successfully deleted: [Task] C:\windows\Tasks\Superclean.job



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\AskPartnerNetwork



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Kain\Appdata\Local\{6C3EFC1C-5F31-48B5-A8FA-AC63289E3512}
Successfully deleted: [Empty Folder] C:\Users\Kain\Appdata\Local\{874BA049-7296-475F-BBE7-BF267D6DAF8C}
Successfully deleted: [Empty Folder] C:\Users\Kain\Appdata\Local\{BBD621A0-90A9-4119-B4D7-8D322E6F712B}
Successfully deleted: [Empty Folder] C:\Users\Kain\Appdata\Local\{DE4EB9FF-0903-465A-B240-91342334012E}
Successfully deleted: [Folder] C:\Program Files\reimage
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Successfully deleted: [Folder] C:\ProgramData\partner
Successfully deleted: [Folder] C:\ProgramData\reimage protector
Successfully deleted: [Folder] C:\rei
Successfully deleted: [Folder] C:\ProgramData\{20cfe9f0-cce7-4fbd-20cf-fe9f0ccea7c3}
Successfully deleted: [Folder] C:\ProgramData\{ff241cbb-1d50-7056-ff24-41cbb1d572ec}
Successfully deleted: [Folder] C:\ProgramData\15548870016514871454



~~~ Chrome


[C:\Users\Kain\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Kain\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Kain\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Kain\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 06.09.2015 at 17:37:20,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malware....

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.9.2015
Čas skenování: 17:41
Protokol: Malware.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.06.03
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Kain

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 344398
Uplynulý čas: 18 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 16
PUP.Optional.SearchApp, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, , [6c3f6ebe5c2fd165f6859a11828260a0],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [1398c567a7e41c1a639ea8c7f31137c9],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [e3c82a02d3b86accb59d375e2ed6b050],
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [6249ad7f1a7181b52e44ec4110f328d8],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [8f1cbe6eb4d781b5d2c23386ab591ae6],
PUP.Optional.SearchApp, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, , [6843bc705f2c191db1cab5f63aca6d93],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [416a32fa3754d95d1c400491996b7f81],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [9f0c2309197275c186d7dcb9a85cb44c],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [f2b9ee3e088338fe16985dd05da6c63a],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [9714cd5f404b39fd4841efcafe0656aa],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{6d75c4f6}, , [ebc030fc8dfe38fe32f6a000659fe917],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [b5f6d953e1aa39fd44bda2cd758fec14],
PUP.Optional.HomeTab, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\HomeTab, , [8f1c9993afdcb1853a4c0a894eb6c040],
PUP.Optional.SearchProtect, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SearchProtectWS, , [f5b666c61a71ce68f933ebc122e28c74],
PUP.Optional.Wajam, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\WajIntEnhance, , [8724f834236811258ee76a4fbe463ac6],
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SUPER OPTIMIZER, , [95166bc1eaa16bcbc11ea60cbd47b848],

Hodnoty registru: 4
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [1398c567a7e41c1a639ea8c7f31137c9]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [b5f6d953e1aa39fd44bda2cd758fec14]
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SUPER OPTIMIZER|SetupName, C:\Users\Kain\AppData\Local\Temp\3dc44dbd\246139.ftf, , [95166bc1eaa16bcbc11ea60cbd47b848]
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2534978774-3934751626-2009991965-1000\SOFTWARE\SUPER OPTIMIZER|AdsBuyNowURL, http://supc.superpctools.revenuewire.ne ... B26D92486A, , [8e1d35f72e5d72c448964969ea1ad22e]

Data registru: 9
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[515a64c8acdfac8abdbe4018b64f14ec]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... XXS2W0EVRZ),,[59522309117a54e2fd7e134523e2b34d]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[49622b013a5146f0e6953b1d7e875ea2]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[1c8fd953cdbe6cca6da5530fdc29758b]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[1299ff2d91fa4ee8f08b8ccc778e4db3]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 2W0EVRZ&q={searchTerms}),,[4566e74596f524129ae1f068699cdd23]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[23881e0ec2c93df921f14f13d53033cd]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0535C0B7-0A06-449A-A112-6F2E5C624A17}|NameServer, 199.203.131.145,82.163.143.167, Dobré: (), Špatné: (199.203.131.145,82.163.143.167),,[d6d5b973addebf778254d3935aab06fa]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6F02AB7F-49AA-449C-92BF-1C4A55E69432}|NameServer, 199.203.131.145,82.163.143.167, Dobré: (), Špatné: (199.203.131.145,82.163.143.167),,[2586a389e1aad06623b32145ac59ac54]

Složky: 1
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja, , [208bdf4dc0cbc76f8b169ad251b3728e],

Soubory: 10
PUP.Optional.MultiPlug, C:\ProgramData\{7b21df17-3f8f-0b3f-7b21-1df173f87c5c}\MS Office 2010 Crack Product Serial Key.exe, , [6249e6464e3d65d18da360ff47ba57a9],
PUP.Optional.MultiPlug, C:\Program Files (x86)\ProcessSystem\ProcessSystem.dll, , [0d9e7cb0ee9dfb3b09a6bbf9f908f10f],
PUP.Optional.MultiPlug, C:\Users\Kain\Downloads\MS Office 2010 Crack Product Serial Key.exe, , [84270923eba077bfa987c19e679aaa56],
PUP.Optional.SofTonic, C:\Users\Kain\Downloads\SoftonicDownloader_for_microsoft-powerpoint.exe, , [36753bf1008b56e0e4df59fc966a7789],
PUP.Optional.InstallCore, C:\Users\Kain\Downloads\Malavida_Download_Manager.exe, , [8f1c1616018ad46205a61087c63fca36],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\lsdb.js, , [208bdf4dc0cbc76f8b169ad251b3728e],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\background.html, , [208bdf4dc0cbc76f8b169ad251b3728e],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\content.js, , [208bdf4dc0cbc76f8b169ad251b3728e],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\manifest.json, , [208bdf4dc0cbc76f8b169ad251b3728e],
PUP.Optional.MultiPlug, C:\ProgramData\ifeeeoalbkokglmmdkcalogeddmopoja\u3.js, , [208bdf4dc0cbc76f8b169ad251b3728e],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

V tom RogueKiller to po mi vyskakuje tahle tabulka. Přikládám obrázek. Co teď ? o.O