Prosím o kontorlu --> otravné reklamy Vyřešeno

[CitroCZ]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:51, on 12.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\{8e0d644f-db32-ed99-8e0d-d644fdb3913f}\Arash_Boro_Boro___Lyrics.exe
D:\Programy\Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Svata\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid ... Z&unqvl=85
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid ... Z&unqvl=85
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Smoothvieew - {522b4454-0bbe-476b-954e-1c3a2764a149} - C:\Program Files (x86)\Smoothvieew\FGLe1j9NGRpxBK.dll
O2 - BHO: NiCeOffers - {dd8a31b5-bffd-4c1b-9581-9d0c28f9de22} - C:\Program Files (x86)\NiCeOffers\nauoevz6HHPCxg.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SystemStart] C:\Users\Public\System\game.vbs
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Arash_Boro_Boro___Lyrics.lnk = C:\ProgramData\{8e0d644f-db32-ed99-8e0d-d644fdb3913f}\Arash_Boro_Boro___Lyrics.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programy\Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8646 bytes

[Reklama]

[jerabina]

No, je tam toho požehnaně

Nevidím tam antivir, nainstalujte si tedy např. Avast

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[CitroCZ]

Log z ADWCleaner (Po stáhnutí Avast a dlouhé kontrole a následném odstraňovaní virů, veškeré reklamy zmizely, mám tedy stahovat ten program proti malware a td .. ?)

# AdwCleaner v4.201 - Log vytvořen 12/04/2015 v 23:26:51
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : Svata - SVATA-PC
# Spuštěno z : C:\Users\Svata\Desktop\adwcleaner_4.201.exe
# Nastavení : Sken

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Program Files (x86)\DoWnSavE
Složka Nalezeno : C:\Program Files (x86)\FiindBueSStDeal
Složka Nalezeno : C:\Program Files (x86)\RoobuoSaVeeR
Složka Nalezeno : C:\Program Files (x86)\SaalePlus
Složka Nalezeno : C:\Program Files (x86)\SalePlus
Složka Nalezeno : C:\Program Files (x86)\SystemPromote
Složka Nalezeno : C:\Program Files (x86)\UniDeallSa
Složka Nalezeno : C:\Program Files (x86)\UniDeals
Složka Nalezeno : C:\Program Files (x86)\UniDealse
Složka Nalezeno : C:\Program Files (x86)\UnIDeiaals
Složka Nalezeno : C:\Program Files (x86)\youtubeadblocker
Složka Nalezeno : C:\ProgramData\e032edfb00005ca7
Složka Nalezeno : C:\Users\Svata\AppData\Roaming\eCyber
Složka Nalezeno : C:\Users\Svata\AppData\Roaming\EZDownloader
Složka Nalezeno : C:\Users\Svata\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\Svata\AppData\Roaming\Solvusoft
Soubor Nalezeno : C:\Windows\System32\roboot64.exe

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Nalezeno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.coolsearches.info
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Nalezeno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Nalezeno : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Nalezeno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Nalezeno : HKLM\SOFTWARE\89de37f3-2078-695d-199f-6675d4750518
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{6137A08F-29B1-4E48-B6A1-70CC3ABF50F7}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{41218fb7}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b0dea870}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Klíč Nalezeno : HKLM\SOFTWARE\Solvusoft

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17689

Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.coolsearches.info/?pid ... Z&unqvl=85
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.coolsearches.info/?pid ... Z&unqvl=85

-\\ Google Chrome v41.0.2272.101

[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=2252&r=2015/03/27&hid=15868545116559291174&lg=EN&cc=CZ&unqvl=85
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=2252&r=2015/03/27&hid=15868545116559291174&lg=EN&cc=CZ&unqvl=85
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://mp3tubetoolbarsearch.com/?tmp=ne ... &keywords={searchTerms}
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=625&r=2014/06/01&hid=5557620058822652860&lg=EN&cc=CZ&unqvl=55
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://mp3tubetoolbar.com/?tmp=toolbar_ ... &Keywords={searchTerms}&clid=d8043b5873564c628f73877e552b817f
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Homepage] : hxxp://www.mysearchresults.com/?c=3523&t=01
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp& ... J1BQ901556

*************************

AdwCleaner[R0].txt - [6093 bytů] - [12/04/2015 23:26:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6151 bytů] ##########

[CitroCZ]

Omlouvám se, ale asi jsem vložil špatný vlog. Po restartu PC mi vyběhl nový, který se liší zde ho dokládám :

# AdwCleaner v4.201 - Log vytvořen 12/04/2015 v 23:33:14
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : Svata - SVATA-PC
# Spuštěno z : C:\Users\Svata\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\e032edfb00005ca7
Složka Smazáno : C:\Program Files (x86)\SystemPromote
Složka Smazáno : C:\Program Files (x86)\DoWnSavE
Složka Smazáno : C:\Program Files (x86)\FiindBueSStDeal
Složka Smazáno : C:\Program Files (x86)\RoobuoSaVeeR
Složka Smazáno : C:\Program Files (x86)\SaalePlus
Složka Smazáno : C:\Program Files (x86)\SalePlus
Složka Smazáno : C:\Program Files (x86)\UniDeallSa
Složka Smazáno : C:\Program Files (x86)\UniDeals
Složka Smazáno : C:\Program Files (x86)\UniDealse
Složka Smazáno : C:\Program Files (x86)\UnIDeiaals
Složka Smazáno : C:\Program Files (x86)\youtubeadblocker
Složka Smazáno : C:\Users\Svata\AppData\Roaming\eCyber
Složka Smazáno : C:\Users\Svata\AppData\Roaming\EZDownloader
Složka Smazáno : C:\Users\Svata\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Svata\AppData\Roaming\Solvusoft
Soubor Smazáno : C:\Windows\System32\roboot64.exe

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\89de37f3-2078-695d-199f-6675d4750518
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{41218fb7}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b0dea870}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{6137A08F-29B1-4E48-B6A1-70CC3ABF50F7}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\Solvusoft
Klíč Smazáno : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.coolsearches.info

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17689

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v41.0.2272.101

[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=2252&r=2015/03/27&hid=15868545116559291174&lg=EN&cc=CZ&unqvl=85
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=2252&r=2015/03/27&hid=15868545116559291174&lg=EN&cc=CZ&unqvl=85
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://mp3tubetoolbarsearch.com/?tmp=ne ... &keywords={searchTerms}
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=625&r=2014/06/01&hid=5557620058822652860&lg=EN&cc=CZ&unqvl=55
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://mp3tubetoolbar.com/?tmp=toolbar_ ... &Keywords={searchTerms}&clid=d8043b5873564c628f73877e552b817f
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.mysearchresults.com/?c=3523&t=01
[C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp& ... J1BQ901556

*************************

AdwCleaner[R0].txt - [6237 bytů] - [12/04/2015 23:26:51]
AdwCleaner[S0].txt - [5445 bytů] - [12/04/2015 23:33:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5503 bytů] ##########

[Orcus]

A MBAM?

[CitroCZ]

MBAM ?

[jerabina]

Jedná se o Malwarebytes' Anti-Malware, návod na něj je hned pod AdwCleanerem v mém prvním příspěvku

[CitroCZ]

log z MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13.4.2015
Čas skenování: 16:10:31
Protokol: text.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.13.05
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Svata

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 333298
Uplynulý čas: 13 min, 58 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.Multiplug, HKU\S-1-5-21-2803435921-266408332-3178483983-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [23f60c60f892ef47d1a670ca62a10ef2],
PUP.Optional.Multiplug, HKU\S-1-5-21-2803435921-266408332-3178483983-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [23f60c60f892ef47d1a670ca62a10ef2],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 3
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.TheAdBlock.A, C:\ProgramData\TheAdBlock, , [f623afbdec9ee452a740a80143c0f40c],

Soubory: 8
PUP.Optional.EZDownloader.A, C:\Users\Svata\AppData\Local\Temp\DF08\temp\EzDownloader_setup.exe, , [1900a4c8f59560d62e9562bfc937768a],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Temp\DF08\temp\hpds_setup.exe, , [c75256168505270f3380cc9508fab14f],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\lsdb.js, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\background.html, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\content.js, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\gITn7aSx9L.js, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\manifest.json, , [dd3c630971191a1c54283d16f70e07f9],
PUP.Optional.TheAdBlock.A, C:\ProgramData\TheAdBlock\TheAdBlock.exe, , [f623afbdec9ee452a740a80143c0f40c],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[jerabina]

Super

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[CitroCZ]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13.4.2015
Čas skenování: 19:50:16
Protokol: text.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.13.06
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Svata

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 334753
Uplynulý čas: 12 min, 14 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.Multiplug, HKU\S-1-5-21-2803435921-266408332-3178483983-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Do karantény, [98825e0ec3c789ad3f64e25849ba7e82],
PUP.Optional.Multiplug, HKU\S-1-5-21-2803435921-266408332-3178483983-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Do karantény, [98825e0ec3c789ad3f64e25849ba7e82],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 4
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.TheAdBlock.A, C:\ProgramData\TheAdBlock, Do karantény, [e634adbff892ec4acb4973372cd77b85],
PUP.Optional.DiscountMan.A, C:\Program Files (x86)\DiscountMan, Do karantény, [b367511bbfcbce68b4f28339a85b07f9],

Soubory: 10
PUP.Optional.EZDownloader.A, C:\Users\Svata\AppData\Local\Temp\DF08\temp\EzDownloader_setup.exe, Do karantény, [d74359131f6b00361ea5ee33bc44c23e],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Temp\DF08\temp\hpds_setup.exe, Do karantény, [5ebcf27aa7e35cda90495110996934cc],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\lsdb.js, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\background.html, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\content.js, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\gITn7aSx9L.js, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.MultiPlug.A, C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\207\manifest.json, Do karantény, [9f7be78541494cea7c4271e2de2754ac],
PUP.Optional.TheAdBlock.A, C:\ProgramData\TheAdBlock\TheAdBlock.exe, Do karantény, [e634adbff892ec4acb4973372cd77b85],
PUP.Optional.DiscountMan.A, C:\Program Files (x86)\DiscountMan\DiscountMan.dat, Do karantény, [b367511bbfcbce68b4f28339a85b07f9],
PUP.Optional.DiscountMan.A, C:\Program Files (x86)\DiscountMan\DiscountMan.exe, Do karantény, [b367511bbfcbce68b4f28339a85b07f9],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.4 (04.13.2015:1)
OS: Windows 7 Professional x64
Ran by Svata on po 13.04.2015 at 20:11:51,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13.04.2015 at 20:16:09,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




RogueKiller V10.5.9.0 (x64) [Apr 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Svata [Práva správce]
Started from : C:\Users\Svata\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 04/13/2015 20:39:03

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 11 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8AD88B6C-02C5-473F-B74F-2A12378F091B} | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8AD88B6C-02C5-473F-B74F-2A12378F091B} | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{8AD88B6C-02C5-473F-B74F-2A12378F091B} | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2803435921-266408332-3178483983-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2803435921-266408332-3178483983-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 1c0ab6d58a0ca24d7c62b378c467959b
[BSP] 18177bd5529faa10d8c5eb5cbc6f0b81 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 299901 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 614405925 | Size: 310467 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

[jerabina]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + informuj o problémech.

[CitroCZ]

RogueKiller :

RogueKiller V10.5.9.0 (x64) [Apr 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Svata [Práva správce]
Started from : C:\Users\Svata\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 04/13/2015 21:50:54

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8AD88B6C-02C5-473F-B74F-2A12378F091B} | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8AD88B6C-02C5-473F-B74F-2A12378F091B} | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{8AD88B6C-02C5-473F-B74F-2A12378F091B} | DhcpNameServer : 10.108.10.108 192.168.0.1 [(Private Address) (XX)][-] -> Nahrazeno ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2803435921-266408332-3178483983-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2803435921-266408332-3178483983-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 1c0ab6d58a0ca24d7c62b378c467959b
[BSP] 18177bd5529faa10d8c5eb5cbc6f0b81 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 299901 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 614405925 | Size: 310467 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_SCN_04132015_203858.log - RKreport_SCN_04132015_214423.log


Zoek.exe :


Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Svata on po 13.04.2015 at 21:53:55,60.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Svata\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.4.2015 21:55:47 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\ReactorKeeper deleted successfully
C:\PROGRA~2\SegmentSustainer deleted successfully
C:\PROGRA~2\SystemAugment deleted successfully
C:\PROGRA~3\{35096ad4-62ba-e746-3509-96ad462bab51} deleted successfully
C:\Users\Svata\AppData\Roaming\Opera Software deleted successfully
C:\Users\Svata\AppData\Local\Opera Software deleted successfully
C:\Users\Svata\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\ReactorKeeper not found
C:\PROGRA~2\SegmentSustainer not found
C:\PROGRA~2\SystemAugment not found
C:\PROGRA~3\{35096ad4-62ba-e746-3509-96ad462bab51} not found
C:\PROGRA~2\NiCeOffers deleted
C:\PROGRA~2\Smoothvieew deleted
C:\PROGRA~2\Center'd Center the new YT deleted
C:\PROGRA~2\Shareaholic for Pinterest deleted
C:\PROGRA~2\Super Notifier deleted
C:\Users\Svata\AppData\Roaming\.minecraft deleted
C:\PROGRA~3\kfcgdkjnaihhiedkdodhkchkafeopfej deleted
C:\PROGRA~3\{7cd21dc2-2b9d-1548-7cd2-21dc22b97708} deleted
C:\PROGRA~3\{86fe657e-e9f3-ee8f-86fe-e657ee9f95fb} deleted
C:\PROGRA~3\{8e0d644f-db32-ed99-8e0d-d644fdb3913f} deleted
C:\PROGRA~3\{af2a5ef0-1f1c-e424-af2a-a5ef01f17bc0} deleted
C:\PROGRA~3\{ed324708-6e13-05ba-ed32-247086e11c21} deleted
C:\PROGRA~3\aigbdjbpdhgjmbpoblakibpjohdofoja deleted
C:\PROGRA~3\ekigbaehdfabagienbdlpfkkjgmlpacg deleted
C:\PROGRA~3\lfldhhgjcblnabdamebiondmikjbeggb deleted
C:\PROGRA~3\18346886354835124620 deleted
C:\Users\Svata\AppData\Roaming\appdataFr3.bin deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-2803435921-266408332-3178483983-1000 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12.04.2015 20:56]

==== Chromium Look ======================

Google Chrome Version: 41.0.2272.101 (Possible outdated, latest Stable version: 41.0.2272.118) [z-db]

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12.04.2015 20:56]

uBlock - Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Bookmark Manager - Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Blue Space Sunset Chrome Theme - Svata\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog

==== Chromium Startpages ======================

C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.mysearchresults.com/?c=3523&t=01",
"startup_urls": [ "http://isearch.omiga-plus.com/?type=hp&ts=1421073340&from=ild&uid=SAMSUNGXHD642JJ_S1AFJ1BQ901556", "http://www.seznam.cz/", "http://www.mystartsearch.com/?type=hp&ts=1426685978&from=wpc&uid=SAMSUNGXHD642JJ_S1AFJ1BQ901556" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E9AD2F38-EF9C-B9DA-048A-A92FBC17701E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8CE9822A-21D0-0BCB-572F-5B74B2D0437A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{214E251B-BF42-BF18-588C-42DA92658DB4} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Svata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Svata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Svata\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2336 folders=523 523718971 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Svata\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Svata\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 13.04.2015 at 22:30:30,66 ======================

HJT :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:36:15, on 13.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)


Boot mode: Normal

Running processes:
D:\Programy\Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Svata\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SystemStart] C:\Users\Public\System\game.vbs
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programy\Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programy\Malwarebytes'\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7239 bytes


Problémy :
Co jsem se tak krátce podíval tak mě tu nic nešokovalo. Google mi to promazalo. Reklamy se změnily a zmenšili svůj počet, už nejsou na truc uprostřed stránky. Na této stránce mám pouze 2 ( dokládám obrázek ) A při spouštění HiJackThis mi naskočilo okýnko před skenováním (obrázek)