Prosím o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu logu

Příspěvekod Korzarek » 19 pro 2017 11:25

Dobrý den,
prosím o kontolu mého NTB.
Nevykazuje žádné viditelné problémy, ale chtěl bych ho projet preventivně. (ukázalo se, že to asi bude potřeba :-)

Zatím jsem udělal prvních pár kroků - HJT, ATF Cleaner, TFC, AdwCleaner a Malwarebytes - viz níže:

Logfile of Trend Micro HijackThisv2.0.4
Scan saved at 16:56:13, on 18.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\dxconfig.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe
C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
C:\Program Files\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\kutik\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 4GLHSP42KX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 4GLHSP42KX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... HSP42KX&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... HSP42KX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 4GLHSP42KX
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [FreePDF Assistant] "C:\Program Files\FreePDF_XP\fpassist.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = BAUMAX.com
O17 - HKLM\Software\..\Telephony: DomainName = BAUMAX.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = BAUMAX.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = BAUMAX.com
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Protocol: WSKVAllmytubechrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: DameWare Mini Remote Control (dwmrcs) - SolarWinds - C:\Windows\dwrcs\dwrcs.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Microsoft DirectX Configuration Service - Unknown owner - C:\Windows\system32\dxconfig.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMS Task Sequence Agent (smstsmgr) - Unknown owner - C:\Windows\system32\CCM\TSManager.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\DOKUMENTY_KUTIK\PF\Teamwiever\TeamViewer_Service.exe
O23 - Service: Therefore™ Conversion Service (TheConversionServer) - Therefore Corporation - C:\Program Files\Therefore\TheConversionServer.exe
O23 - Service: Therefore™ Installer Service (TheInstaller) - Therefore Corporation - C:\Program Files\Therefore\TheInstaller.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE

--
End of file - 8765 bytes

---------------------------------------------------------

ATF Cleaner= hotovo

---------------------------------------------------------

TFC = hotovo

--------------------------------------------------

AdwCleaner = hotovo

# AdwCleaner 7.0.5.0 - Logfile created on Mon Dec 18 16:19:24 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 12-15-2017.1
# Running on Windows 7 Enterprise (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\MailUpdate
PUP.Optional.Legacy, C:\ProgramData\Application Data\MailUpdate
PUP.Optional.Legacy, C:\Users\All Users\MailUpdate
PUP.Optional.Legacy, C:\Users\kutik\AppData\Roaming\MailUpdate
PUP.Optional.Legacy, C:\ProgramData\trusted publisher
PUP.Optional.Legacy, C:\ProgramData\Application Data\trusted publisher
PUP.Optional.Legacy, C:\Users\All Users\trusted publisher
PUP.Optional.Legacy, C:\Users\kutik\AppData\Local\DriverToolkit
PUP.Optional.Legacy, C:\Users\Administrator\AppData\Local\torch
PUP.Optional.Legacy, C:\Users\kutik\AppData\Local\torch
PUP.Optional.Legacy, C:\ProgramData\Trusted Publisher
PUP.Optional.Legacy, C:\ProgramData\Application Data\Trusted Publisher
PUP.Optional.Legacy, C:\Users\All Users\Trusted Publisher
PUP.Optional.Legacy, C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
PUP.Optional.Legacy, C:\ProgramData\Application Data\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
PUP.Optional.Legacy, C:\Users\All Users\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser
PUP.Optional.SupTab, C:\Program Files\SupTab
PUP.Optional.EZDownloader, C:\Users\kutik\AppData\Roaming\EZDownloader
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices
PUP.Optional.IEPluginServices, C:\ProgramData\Application Data\IePluginServices
PUP.Optional.IEPluginServices, C:\Users\All Users\IePluginServices
PUP.Optional.MultiPlug, C:\ProgramData\adblocker
PUP.Optional.MultiPlug, C:\ProgramData\Application Data\adblocker
PUP.Optional.MultiPlug, C:\Users\All Users\adblocker
PUP.Adware.Heuristic, C:\ProgramData\1ab0a4847f6b4312


***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\kutik\AppData\Roaming\LiveSupport.exe_log.txt
PUP.Optional.Legacy, C:\Users\kutik\AppData\Roaming\regsvr32.exe_log.txt


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, DRIVERTOOLKIT AUTORUN
PUP.Adware.Heuristic, At1


***** [ Registry ] *****

PUP.Optional.PCOptimizerPro, [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Optimizer Pro
PUP.Optional.PCOptimizerPro, [Key] - HKCU\Software\Optimizer Pro
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Default_Page_URL [http:\\istart.webssearches.com\?type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Default_Page_URL [http:\\istart.webssearches.com\?type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [http:\\istart.webssearches.com\web\?type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [http:\\istart.webssearches.com\web\?type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Page_URL [http:\\istart.webssearches.com\?type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Page_URL [http:\\istart.webssearches.com\?type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Start Page [http:\\istart.webssearches.com\?type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Start Page [http:\\istart.webssearches.com\?type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [http:\\istart.webssearches.com\web\?type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [http:\\istart.webssearches.com\web\?type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\webssearchesSoftware
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SUPDP
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\DriverToolkit
PUP.Optional.Legacy, [Key] - HKCU\Software\DriverToolkit
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SupDp
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.SupTab, [Key] - HKLM\SOFTWARE\SupTab
PUP.Optional.IEPluginServices, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.IEPluginServices, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
PUP.Optional.IEPluginServices, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.MultiPlug, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
PUP.Optional.MultiPlug, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
PUP.Optional.WebSearches.ShrtCln, [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\SupHpUISoft
PUP.Optional.WebSearches.ShrtCln, [Key] - HKCU\Software\SupHpUISoft
PUP.Adware.Heuristic, [Key] - HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
-----------------------------------------------------------------------------------------

Reklama
Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 19 pro 2017 11:28

---- pokračování ----

Malwarebytes = hotovo, našel toho docela dost :-) Nic jsem zatím nemazal.

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 18.12.17
Čas skenování: 17:29
Logovací soubor: a820c818-e410-11e7-ae02-9c8e993ed09a.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3513
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: CZLCMT004\kutik

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 281843
Zjištěné hrozby: 406
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 7 min, 23 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 15
PUP.Optional.MultiPlug, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Žádná uživatelská akce, [231], [-1],0.0.0
PUP.Optional.WebSearches.ShrtCln, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\SupHpUISoft, Žádná uživatelská akce, [10571], [190053],1.0.3513
PUP.Optional.MultiPlug, HKU\S-1-5-21-3289980385-2872688556-2806904064-500_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}, Žádná uživatelská akce, [231], [247116],1.0.3513
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Žádná uživatelská akce, [231], [247117],1.0.3513
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Žádná uživatelská akce, [231], [247117],1.0.3513
PUP.Optional.SupTab, HKLM\SOFTWARE\supTab, Žádná uživatelská akce, [3282], [254403],1.0.3513
PUP.Optional.SupTab, HKLM\SOFTWARE\SUPDP, Žádná uživatelská akce, [3282], [243701],1.0.3513
PUP.Optional.WebsSearches.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Žádná uživatelská akce, [2608], [356193],1.0.3513
PUP.Optional.WebsSearches.ShrtCln, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Žádná uživatelská akce, [2608], [356193],1.0.3513
PUP.Optional.OptimizerPro, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\OPTIMIZER PRO, Žádná uživatelská akce, [780], [241445],1.0.3513
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}, Žádná uživatelská akce, [231], [251403],1.0.3513
Adware.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Žádná uživatelská akce, [474], [445717],1.0.3513
Adware.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}, Žádná uživatelská akce, [474], [445720],1.0.3513
PUP.Optional.IEPluginServices, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Žádná uživatelská akce, [10964], [239278],1.0.3513
PUP.Optional.MultiSP, HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}, Žádná uživatelská akce, [9721], [167447],1.0.3513

Hodnota v registru: 8
Hijack.ControlPanelStyle, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|FORCECLASSICCONTROLPANEL, Žádná uživatelská akce, [12101], [209236],1.0.3513
PUP.Optional.SupTab, HKLM\SOFTWARE\SUPDP|DIR, Žádná uživatelská akce, [3282], [243701],1.0.3513
PUP.Optional.WebsSearches.ShrtCln, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DISPLAYNAME, Žádná uživatelská akce, [2608], [356193],1.0.3513
PUP.Optional.WebsSearches.ShrtCln, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, Žádná uživatelská akce, [2608], [356193],1.0.3513
PUP.Optional.SupTab, HKLM\SOFTWARE\SUPTAB|PTID, Žádná uživatelská akce, [3282], [243702],1.0.3513
PUP.Optional.OptimizerPro, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\OPTIMIZER PRO|ADSBUYNOWURL, Žádná uživatelská akce, [780], [241445],1.0.3513
PUP.Optional.WebsSearches.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DISPLAYNAME, Žádná uživatelská akce, [2608], [356186],1.0.3513
PUP.Optional.WebsSearches.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, Žádná uživatelská akce, [2608], [356186],1.0.3513

Data registrů: 9
PUP.Optional.WebSearch, HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_PAGE_URL, Žádná uživatelská akce, [2709], [293028],1.0.3513
PUP.Optional.WebSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_SEARCH_URL, Žádná uživatelská akce, [2709], [293029],1.0.3513
PUP.Optional.WebSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_PAGE_URL, Žádná uživatelská akce, [2709], [293029],1.0.3513
PUP.Optional.WebSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Žádná uživatelská akce, [2709], [293029],1.0.3513
PUP.Optional.WebSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Žádná uživatelská akce, [2709], [293029],1.0.3513
PUM.Optional.NoChangingWallpaper, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ACTIVEDESKTOP|NOCHANGINGWALLPAPER, Žádná uživatelská akce, [14391], [293332],1.0.3513
PUM.Optional.NoDispAppearancePage, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|NODISPAPPEARANCEPAGE, Žádná uživatelská akce, [14392], [293335],1.0.3513
PUM.Optional.NoDispBackgroundPage, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|NODISPBACKGROUNDPAGE, Žádná uživatelská akce, [14393], [293336],1.0.3513
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Žádná uživatelská akce, [12380], [292819],1.0.3513

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 100
PUP.Optional.MultiPlug, C:\PROGRAMDATA\ADBLOCKER, Žádná uživatelská akce, [231], [174394],1.0.3513
PUP.Optional.Booster, C:\PROGRAMDATA\TRUSTED PUBLISHER\SW-Booster, Žádná uživatelská akce, [9292], [175724],1.0.3513
PUP.Optional.MultiPlug, C:\PROGRAMDATA\1ab0a4847f6b4312, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.EZDownloader, C:\Users\kutik\AppData\Roaming\EZDownloader\Errors, Žádná uživatelská akce, [3172], [177067],1.0.3513
PUP.Optional.EZDownloader, C:\USERS\KUTIK\APPDATA\ROAMING\EZDOWNLOADER, Žádná uživatelská akce, [3172], [177067],1.0.3513
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update, Žádná uživatelská akce, [10964], [177726],1.0.3513
PUP.Optional.IEPluginServices, C:\PROGRAMDATA\IEPLUGINSERVICES, Žádná uživatelská akce, [10964], [177726],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-419, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\en-US, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-ES, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-BE, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CA, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CH, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-FR, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-LU, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-CH, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-IT, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt-BR, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru-MO, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\tr-TR, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\vi-VI, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-CN, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-TW, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pl, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\image, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\CHROMATIC BROWSER, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\USERS\KUTIK\APPDATA\LOCAL\CHROMATIC BROWSER, Žádná uživatelská akce, [7558], [180960],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, Žádná uživatelská akce, [8494], [443157],1.0.3513

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 19 pro 2017 11:30

- pokračování -

Soubor: 274
PUP.Optional.WebsSearches, C:\PROGRAM FILES\MOZILLA FIREFOX\BROWSER\SEARCHPLUGINS\webssearches.xml, Žádná uživatelská akce, [11634], [185004],1.0.3513
PUP.Optional.MultiPlug, C:\PROGRAMDATA\NTUSER.POL, Žádná uživatelská akce, [231], [-1],0.0.0
PUP.Optional.MultiPlug, C:\USERS\ML0336\NTUSER.POL, Žádná uživatelská akce, [231], [-1],0.0.0
PUP.Optional.MultiPlug, C:\USERS\PC8365\NTUSER.POL, Žádná uživatelská akce, [231], [-1],0.0.0
PUP.Optional.MultiPlug, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Žádná uživatelská akce, [231], [-1],0.0.0
PUP.Optional.MultiPlug, C:\PROGRAMDATA\1ab0a4847f6b4312\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821204512, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821204913, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821204914, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821194305, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821204505, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821204506, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821204512, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140821194314, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140821194248, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140821194256, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.MultiPlug, C:\ProgramData\1ab0a4847f6b4312\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140821205105, Žádná uživatelská akce, [231], [240943],1.0.3513
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update\conf, Žádná uživatelská akce, [10964], [177726],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\image\ck_box.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\image\ck_check.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\image\radio_bk.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\image\radio_check.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\bk_shadow.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\btn.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\close.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\main.xml, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\skin\main.xml.bak, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\google_trends.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon128.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon16.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon48.png, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\loading.gif, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\logo32.ico, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\common.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\ga.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\jquery.autocomplete.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\js.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\library.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\xagainit-ie8.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\xagainit2.0.js, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\en-US\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-419\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pl\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\data.html, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\indexIE.html, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\indexIE8.html, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\main.css, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\web\ver.txt, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\ient.json, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\install.data, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\Loader64.exe, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.SupTab, C:\Program Files\SupTab\uninstall.exe, Žádná uživatelská akce, [3282], [179903],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [7558], [180960],1.0.3513
PUP.Optional.Chromatic, C:\Users\kutik\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [7558], [180960],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443151],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Torch\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [8494], [443155],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [8494], [443156],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, Žádná uživatelská akce, [8494], [443157],1.0.3513
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, Žádná uživatelská akce, [8494], [443157],1.0.3513
PUP.Optional.SkyTech, C:\USERS\KUTIK\APPDATA\ROAMING\MAILUPDATE\MAILUPDATE.EXE, Žádná uživatelská akce, [6331], [121663],1.0.3513
PUP.Optional.OpenCandy, C:\USERS\KUTIK\DOWNLOADS\CDEX-1.79-WIN32.EXE, Žádná uživatelská akce, [483], [297667],1.0.3513

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)
-------------------------------

Dále jsem zatím nešel a čekám na pokyny :-)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 19 pro 2017 18:50

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Scan“, po prohledání klikni na „ Clean

Program provede opravu, po automatickém restartu klikni na „Log Manager“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.


Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 19 pro 2017 23:34

# AdwCleaner 7.0.5.0 - Logfile created on Tue Dec 19 19:09:13 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Enterprise (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\MailUpdate
Deleted: C:\ProgramData\Application Data\MailUpdate
Deleted: C:\Users\All Users\MailUpdate
Deleted: C:\Users\kutik\AppData\Roaming\MailUpdate
Deleted: C:\ProgramData\trusted publisher
Deleted: C:\ProgramData\Application Data\trusted publisher
Deleted: C:\Users\All Users\trusted publisher
Deleted: C:\Users\kutik\AppData\Local\DriverToolkit
Deleted: C:\Users\Administrator\AppData\Local\torch
Deleted: C:\Users\kutik\AppData\Local\torch
Deleted: C:\ProgramData\Trusted Publisher
Deleted: C:\ProgramData\Application Data\Trusted Publisher
Deleted: C:\Users\All Users\Trusted Publisher
Deleted: C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\ProgramData\Application Data\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\Users\All Users\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\Users\Administrator\AppData\Local\Chromatic Browser
Deleted: C:\Users\kutik\AppData\Local\Chromatic Browser
Deleted: C:\Program Files\SupTab
Deleted: C:\Users\kutik\AppData\Roaming\EZDownloader
Deleted: C:\ProgramData\IePluginServices
Deleted: C:\ProgramData\Application Data\IePluginServices
Deleted: C:\Users\All Users\IePluginServices
Deleted: C:\ProgramData\adblocker
Deleted: C:\ProgramData\Application Data\adblocker
Deleted: C:\Users\All Users\adblocker
Deleted: C:\ProgramData\1ab0a4847f6b4312


***** [ Files ] *****

Deleted: C:\Users\kutik\AppData\Roaming\LiveSupport.exe_log.txt
Deleted: C:\Users\kutik\AppData\Roaming\regsvr32.exe_log.txt


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DRIVERTOOLKIT AUTORUN
Deleted: At1


***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Optimizer Pro
Deleted: [Key] - HKCU\Software\Optimizer Pro
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [http:\\istart.webssearches.com\?

type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [http:\\istart.webssearches.com\?

type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [http:\\istart.webssearches.com\web\?

type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [http:\\istart.webssearches.com\web\?

type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [http:\\istart.webssearches.com\?

type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [http:\\istart.webssearches.com\?

type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [http:\\istart.webssearches.com\?

type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [http:\\istart.webssearches.com\?

type=hp&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [http:\\istart.webssearches.com\web\?

type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [http:\\istart.webssearches.com\web\?

type=ds&ts=1408643051&from=wpc&uid=HitachiXHTS725050A9A364_110620PCK404GLHSP42KX&q={searchTerms}]
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Deleted: [Key] - HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Deleted: [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Deleted: [Key] - HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Deleted: [Key] - HKLM\SOFTWARE\webssearchesSoftware
Deleted: [Key] - HKLM\SOFTWARE\SUPDP
Deleted: [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Deleted: [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted: [Key] - HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
Deleted: [Key] - HKLM\SOFTWARE\SupDp
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\SupTab
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Deleted: [Key] - HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\SupHpUISoft
Deleted: [Key] - HKCU\Software\SupHpUISoft
Deleted: [Key] - HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [8799 B] - [2017/12/18 16:19:24]
C:/AdwCleaner/AdwCleaner[S1].txt - [8868 B] - [2017/12/19 19:7:56]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
------------------------------------------------------------------------

JRT = hotovo

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Enterprise x86
Ran by kutik (Administrator) on Łt 19.12.2017 at 20:17:54,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18

Successfully deleted: C:\ai_recyclebin (Folder)
Successfully deleted: C:\Windows\System32\ai_recyclebin (Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Q6AWPIY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IK8P2S6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5CC20ARQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62ZC9TXB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8X25M5U2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRYNMWDM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SORIFB0N (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X8VICZ1F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Q6AWPIY (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IK8P2S6 (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5CC20ARQ (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62ZC9TXB (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8X25M5U2 (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRYNMWDM (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SORIFB0N (Temporary

Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X8VICZ1F (Temporary

Internet Files Folder)

Deleted the following from C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\prefs.js
user_pref(browser.onboarding.tour.onboarding-tour-singlesearch.completed, true);
user_pref(browser.search.hiddenOneOffs, SluneÄŤnice,webssearches,Wikipedie (cs));
user_pref(extensions.6QBwZ.scode, (function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\acebook\)>-1||url.indexOf

(\warnalert11.com\)>-1|
user_pref(extensions.clipconverter@clipconverter.cc.sdk.baseURI, resource://clipconverter-at-clipconverter-dot-cc/);
user_pref(extensions.clipconverter@clipconverter.cc.sdk.domain, clipconverter-at-clipconverter-dot-cc);
user_pref(extensions.clipconverter@clipconverter. ... oad.reason, startup);
user_pref(extensions.clipconverter@clipconverter.cc.sdk.rootURI,

jar:file:///C:/Users/kutik/AppData/Roaming/Mozilla/Firefox/Profiles/9gd2k5qg.default/extensions/clipconvert
user_pref(extensions.clipconverter@clipconverter.cc.sdk.version, 1.5.2);
user_pref(extensions.uQ_KUYH.scode, (function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\acebook\)>-1||url.indexOf

(\warnalert11.com\)>-
user_pref(extensions.ugz.scode, try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\rTYHrTk5qTsFrjgGrHU7qHsG\)>-

1||url.indexOf(\ace

Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 19.12.2017 at 20:21:23,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 19 pro 2017 23:41

Malware bytes znovu = hotovo

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 19.12.17
Čas skenování: 20:26
Logovací soubor: 8f58fe77-e4f2-11e7-a98c-9c8e993ed09a.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3522
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: CZLCMT004\kutik

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 281802
Zjištěné hrozby: 170
Hrozby umístěné do karantény: 170
Uplynulý čas: 5 min, 28 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 3
Adware.MultiPlug.Generic, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, V karanténě, [8506], [-1],0.0.0
PUP.Optional.MultiPlug, HKU\S-1-5-21-3289980385-2872688556-2806904064-500_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}, V karanténě, [231],

[247116],1.0.3522
Adware.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, V karanténě, [474], [445717],1.0.3522

Hodnota v registru: 1
Hijack.ControlPanelStyle, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|

FORCECLASSICCONTROLPANEL, V karanténě, [12113], [209236],1.0.3522

Data registrů: 4
PUM.Optional.NoChangingWallpaper, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ACTIVEDESKTOP|

NOCHANGINGWALLPAPER, Nahrazen, [14403], [293332],1.0.3522
PUM.Optional.NoDispAppearancePage, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|

NODISPAPPEARANCEPAGE, Nahrazen, [14404], [293335],1.0.3522
PUM.Optional.NoDispBackgroundPage, HKU\S-1-5-21-2074873108-841358846-564879142-8337\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|

NODISPBACKGROUNDPAGE, Nahrazen, [14405], [293336],1.0.3522
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Nahrazen, [12392], [292819],1.0.3522

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 36
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj, V karanténě,

[8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, V karanténě,

[8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, V karanténě, [8506],

[443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge, V karanténě,

[8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, V karanténě,

[8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, V karanténě, [8506],

[443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja, V karanténě,

[8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, V karanténě,

[8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, V karanténě, [8506],

[443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, V karanténě,

[8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, V karanténě,

[8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, V karanténě,

[8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, V karanténě,

[8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, V karanténě,

[8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, V karanténě,

[8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, V karanténě,

[8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, V karanténě,

[8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, V karanténě,

[8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9, V karanténě,

[8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj, V karanténě, [8506],

[443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0, V karanténě,

[8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge, V karanténě, [8506],

[443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216, V karanténě,

[8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja, V karanténě, [8506],

[443157],1.0.3522

Soubor: 126
PUP.Optional.WebsSearches, C:\PROGRAM FILES\MOZILLA FIREFOX\BROWSER\SEARCHPLUGINS\webssearches.xml, V karanténě, [11646], [185004],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\background.html, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\content.js, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\HWwxpWhV8h.js, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\manifest.json, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\PROGRAMDATA\NTUSER.POL, V karanténě, [8506], [-1],0.0.0
Adware.MultiPlug.Generic, C:\USERS\ML0336\NTUSER.POL, V karanténě, [8506], [-1],0.0.0
Adware.MultiPlug.Generic, C:\USERS\PC8365\NTUSER.POL, V karanténě, [8506], [-1],0.0.0
Adware.MultiPlug.Generic, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, V karanténě, [8506], [-1],0.0.0
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\background.html, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\content.js, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\manifest.json, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\Xr11ZAqM.js, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js,

V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\background.html, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\clwVzihLR.js, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\content.js, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\manifest.json, V karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, V

karanténě, [8506], [443151],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\background.html, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\background.html, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\background.html, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, V

karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\background.html, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\content.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\HWwxpWhV8h.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\manifest.json, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\background.html, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\content.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\daf3sNb.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\manifest.json, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\Xr11ZAqM.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js,

V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\background.html, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\clwVzihLR.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\content.js, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\manifest.json, V karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\lsdb.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\background.html, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\content.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\GC7.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\HWwxpWhV8h.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj

\3.9\manifest.json, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge

\1.0\lsdb.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\background.html, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\content.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\daf3sNb.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\manifest.json, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge

\1.0\Xr11ZAqM.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja

\216\lsdb.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\Az16rb.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\background.html, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\clwVzihLR.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\content.js, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja

\216\manifest.json, V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js,

V karanténě, [8506], [443156],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\lsdb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\background.html, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\content.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\eb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\GC7.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\HWwxpWhV8h.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfjlonihjmdplmajmmejknfgelcnaefj\3.9\manifest.json, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ighijgiboabdoghkobiodlnmneeodpge\1.0\lsdb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\background.html, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\content.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\daf3sNb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\manifest.json, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\p1.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ighijgiboabdoghkobiodlnmneeodpge\1.0\Xr11ZAqM.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\USERS\KUTIK\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ndhinffkekpekljifjkkkkkhopnjodja\216\lsdb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\Az16rb.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\background.html, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\clwVzihLR.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\content.js, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\manifest.json, V

karanténě, [8506], [443157],1.0.3522
Adware.MultiPlug.Generic, C:\Users\kutik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\216\o.js, V karanténě,

[8506], [443157],1.0.3522
PUP.Optional.OpenCandy, C:\USERS\KUTIK\DOWNLOADS\CDEX-1.79-WIN32.EXE, V karanténě, [483], [297667],1.0.3522

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
---------------------------------------------------

Sophos = hotovo

nalezen 1 objekt = smazáno.

Log:
2017-12-19 19:49:45.359 Sophos Virus Removal Tool version 2.6.1
2017-12-19 19:49:45.359 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-12-19 19:49:45.359 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-12-19 19:49:45.359 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 Win32
2017-12-19 19:49:45.359 Checking for updates...
2017-12-19 19:49:48.963 Update progress: proxy server not available
2017-12-19 19:49:59.229 Option all = no
2017-12-19 19:49:59.229 Option recurse = yes
2017-12-19 19:49:59.229 Option archive = no
2017-12-19 19:49:59.229 Option service = yes
2017-12-19 19:49:59.229 Option confirm = yes
2017-12-19 19:49:59.229 Option sxl = yes
2017-12-19 19:49:59.229 Option max-data-age = 35
2017-12-19 19:49:59.229 Option vdl-logging = yes
2017-12-19 19:49:59.244 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-12-19 19:49:59.244 Machine ID: 1292779ada5d4475b20448b6f9b57aaf
2017-12-19 19:49:59.244 Component SVRTcli.exe version 2.6.1
2017-12-19 19:49:59.244 Component control.dll version 2.6.1
2017-12-19 19:49:59.244 Component SVRTservice.exe version 2.6.1
2017-12-19 19:49:59.244 Component engine\osdp.dll version 1.44.1.2286
2017-12-19 19:49:59.244 Component engine\veex.dll version 3.68.6.2286
2017-12-19 19:49:59.244 Component engine\savi.dll version 9.0.7.2286
2017-12-19 19:49:59.244 Component rkdisk.dll version 1.5.31.1
2017-12-19 19:49:59.244 Version info: Product version 2.6.1
2017-12-19 19:49:59.244 Version info: Detection engine 3.68.6
2017-12-19 19:49:59.244 Version info: Detection data 5.44
2017-12-19 19:49:59.244 Version info: Build date 19.9.2017
2017-12-19 19:49:59.244 Version info: Data files added 563
2017-12-19 19:49:59.244 Version info: Last successful update (not yet updated)
2017-12-19 19:50:08.106 Downloading updates...
2017-12-19 19:50:08.121 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60

RECOMMENDED path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60

RECOMMENDED path=
2017-12-19 19:50:08.121 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-

E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32

LATEST path=]
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545

LATEST path=]
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546

LATEST path=]
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547

LATEST path=]
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I49502] sdds.data0910.xml: found supplement IDE549 LATEST path= baseVersion= [included from product IDE548

LATEST path=]
2017-12-19 19:50:08.121 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE549 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE549 LATEST path=
2017-12-19 19:50:08.121 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-12-19 19:50:08.964 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-12-19 19:50:08.964 Update progress: [I19463] Product download size 174235198 bytes
2017-12-19 19:50:13.332 Update progress: [I19463] Syncing product IDE545 LATEST path=
2017-12-19 19:50:13.332 Update progress: [I19463] Product download size 2585002 bytes
2017-12-19 19:50:14.112 Update progress: [I19463] Syncing product IDE546 LATEST path=
2017-12-19 19:50:14.112 Update progress: [I19463] Product download size 3165416 bytes
2017-12-19 19:50:23.301 Update progress: [I19463] Syncing product IDE547 LATEST path=
2017-12-19 19:50:23.301 Update progress: [I19463] Product download size 4521286 bytes
2017-12-19 19:50:34.346 Update progress: [I19463] Syncing product IDE548 LATEST path=
2017-12-19 19:50:34.346 Update progress: [I19463] Product download size 1470699 bytes
2017-12-19 19:50:34.861 Update progress: [I19463] Syncing product IDE549 LATEST path=
2017-12-19 19:50:35.032 Installing updates...
2017-12-19 19:50:38.293 Error level 1
2017-12-19 19:51:03.503 Update successful
2017-12-19 19:51:48.871 Option all = no
2017-12-19 19:51:48.871 Option recurse = yes
2017-12-19 19:51:48.871 Option archive = no
2017-12-19 19:51:48.871 Option service = yes
2017-12-19 19:51:48.871 Option confirm = yes
2017-12-19 19:51:48.871 Option sxl = yes
2017-12-19 19:51:48.871 Option max-data-age = 35
2017-12-19 19:51:48.871 Option vdl-logging = yes
2017-12-19 19:51:51.164 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-12-19 19:51:51.164 Machine ID: 1292779ada5d4475b20448b6f9b57aaf
2017-12-19 19:51:51.164 Component SVRTcli.exe version 2.6.1
2017-12-19 19:51:51.164 Component control.dll version 2.6.1
2017-12-19 19:51:51.164 Component SVRTservice.exe version 2.6.1
2017-12-19 19:51:51.164 Component engine\osdp.dll version 1.44.1.2286
2017-12-19 19:51:51.164 Component engine\veex.dll version 3.68.6.2286
2017-12-19 19:51:51.164 Component engine\savi.dll version 9.0.7.2286
2017-12-19 19:51:51.180 Component rkdisk.dll version 1.5.31.1
2017-12-19 19:51:51.180 Version info: Product version 2.6.1
2017-12-19 19:51:51.180 Version info: Detection engine 3.68.6
2017-12-19 19:51:51.180 Version info: Detection data 5.44
2017-12-19 19:51:51.180 Version info: Build date 19.9.2017
2017-12-19 19:51:51.180 Version info: Data files added 563
2017-12-19 19:51:51.180 Version info: Last successful update 19.12.2017 20:51:03

2017-12-19 20:04:08.809 Could not open C:\boot\BCD

2017-12-19 20:13:28.664 Could not open C:\pagefile.sys
2017-12-19 20:26:10.507 Could not open C:\System Volume Information\{2348ee73-c7ba-11e7-87f1-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.507 Could not open C:\System Volume Information\{2348f000-c7ba-11e7-87f1-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.507 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.507 Could not open C:\System Volume Information\{41fb428c-e4f4-11e7-9fe5-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{51845c5b-e0e3-11e7-a545-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{54d63271-baf9-11e7-9041-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{54d63360-baf9-11e7-9041-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{55a24831-e4f0-11e7-a84d-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{5d2cd9b1-dc2e-11e7-8d53-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{5e32f5e8-ac0c-11e7-9e39-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{7346f31e-d80f-11e7-b482-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{8aaed1a3-e321-11e7-a3c9-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{8aaed1a8-e321-11e7-a3c9-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:26:10.522 Could not open C:\System Volume Information\{8aaed1f3-e321-11e7-a3c9-9c8e993ed09a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-12-19 20:31:33.131 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_08.08._16.15.WMA
2017-12-19 20:31:33.131 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:31:33.131 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:33.131 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:31:33.131 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:31:33.131 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:39.215 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._08.15.wma
2017-12-19 20:31:39.215 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:31:39.215 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:39.215 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:31:39.215 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:31:39.215 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:45.346 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._12.15.wma
2017-12-19 20:31:45.346 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:31:45.346 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:45.346 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:31:45.346 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:31:45.346 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:51.071 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._16.15.wma
2017-12-19 20:31:51.071 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:31:51.071 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:31:51.071 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:31:51.071 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:31:51.071 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:05.252 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J

\Leto_s_Radiem_OK_2007\Reklama\OK_08.08._16.15.WMA
2017-12-19 20:32:05.267 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:32:05.267 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:05.267 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:32:05.267 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:32:05.267 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:10.649 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J

\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._08.15.wma
2017-12-19 20:32:10.649 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:32:10.665 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:10.665 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:32:10.665 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:32:10.665 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:16.281 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J

\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._12.15.wma
2017-12-19 20:32:16.281 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:32:16.281 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:16.281 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:32:16.281 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:32:16.281 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:22.037 >>> Virus 'W32/GetCodec-A' found in file C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J

\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._16.15.wma
2017-12-19 20:32:22.037 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

\ConsentPromptBehaviorAdmin
2017-12-19 20:32:22.037 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:32:22.037 >>> Virus 'W32/GetCodec-A' found in file HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows

\CurrentVersion\Internet Settings\Zones\3\1208
2017-12-19 20:32:22.053 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2017-12-19 20:32:22.053 >>> Virus 'W32/GetCodec-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-12-19 20:45:19.493 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-12-19 20:45:19.493 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-12-19 20:45:30.304 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-12-19 20:45:30.304 Could not open C:\Windows\System32\config\RegBack\SAM
2017-12-19 20:45:30.304 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-12-19 20:45:30.304 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-12-19 20:45:30.304 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-12-19 21:03:18.128 Could not open LOGICAL:0003:00000000
2017-12-19 21:03:18.144 Could not open D:\
2017-12-19 21:04:48.047 The following items will be cleaned up:
2017-12-19 21:04:48.047 W32/GetCodec-A
2017-12-19 21:12:36.767 Threat 'W32/GetCodec-A' has been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_08.08._16.15.WMA" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_08.08._16.15.WMA" has been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._08.15.wma" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._08.15.wma" has been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._12.15.wma" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._12.15.wma" has been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._16.15.wma" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Léto s Radiem OK\OK_23.07._16.15.wma" has been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_08.08._16.15.WMA" belongs

to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_08.08._16.15.WMA" has

been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._08.15.wma" belongs

to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._08.15.wma" has

been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._12.15.wma" belongs

to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._12.15.wma" has

been cleaned up.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._16.15.wma" belongs

to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 File "C:\Users\ml0336\Desktop\Markt 336\06.06.2015\Kutík\Prac\Záloha J\Leto_s_Radiem_OK_2007\Reklama\OK_23.07._16.15.wma" has

been cleaned up.
2017-12-19 21:12:36.767 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" belongs to

'W32/GetCodec-A'.
2017-12-19 21:12:36.767 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" has been cleaned up.
2017-12-19 21:12:36.767 Registry value "HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows\CurrentVersion\Internet Settings

\Zones\3\2500" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 Registry value "HKU\S-1-5-21-2074873108-841358846-564879142-8337\Software\Microsoft\Windows\CurrentVersion\Internet Settings

\Zones\3\2500" has been cleaned up.
2017-12-19 21:12:36.767 Registry value "HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings

\Zones\3\1208" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 Registry value "HKU\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings

\Zones\3\1208" has been cleaned up.
2017-12-19 21:12:36.767 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609" has been cleaned up.
2017-12-19 21:12:36.767 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500" belongs to 'W32/GetCodec-A'.
2017-12-19 21:12:36.767 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500" has been cleaned up.
2017-12-19 21:12:36.767 Removal successful
2017-12-19 21:12:38.062 Error level 0


----------------------------------------------------------------------

RogueKileer= hotovo.
Našel 3 objekty, tak jsem je smazal.

Log
RogueKiller V12.11.29.0 [Dec 18 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : kutik [Práva správce]
Started from : C:\DOKUMENTY_KUTIK\PF\..Udrzba\RogueKiller_portable32.exe
Mód : Smazat -- Datum : 12/19/2017 22:19:41 (Duration : 00:25:24)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUP.Gen1] HKEY_USERS\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\WebApp -> Smazáno
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3289980385-2872688556-2806904064-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames

: 0 -> Nahrazeno (1)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Hidden.ADS][Stream] C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS725050A9A364 ATA Device +++++
--- User ---
[MBR] 96cecd10f3f915e779ab9617fe01e912
[BSP] 68f43eef32fce85213b114f44a79c42c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: JetFlash Transcend 16GB USB Device +++++
--- User ---
[MBR] 8b3c34d0d404abf4538f08f95f07ef16
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 112 | Size: 15071 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

-----------------
To je vše.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 20 pro 2017 09:32

mbam -- bylo smazáno vše? , něco nemá údaj o výmazu či náhradě.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
http://leteckaposta.cz/415997425
klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 20 pro 2017 19:46

Ahoj, píšeš, že:
"mbam -- bylo smazáno vše? , něco nemá údaj o výmazu či náhradě."

Psal jsem, že 170 objektů jsem přesunul do karantény. V ní jsem to ale nemazal. Teď jsem tedy vše v karanténě smazal a projel znovu. Nic nového už nenašel:

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 20.12.17
Čas skenování: 12:13
Logovací soubor: bf3dd0c5-e576-11e7-bbb5-9c8e993ed09a.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3527
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: CZLCMT004\kutik

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 283129
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 7 min, 5 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

-----------------------------------------------------
Rogue Killer = hotovo, nic nenalezeno.


RogueKiller V12.11.29.0 [Dec 18 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : kutik [Práva správce]
Started from : C:\DOKUMENTY_KUTIK\PF\..Udrzba\RogueKiller_portable32.exe
Mód : Prohledat -- Datum : 12/20/2017 12:33:34 (Duration : 00:24:17)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS725050A9A364 ATA Device +++++
--- User ---
[MBR] 96cecd10f3f915e779ab9617fe01e912
[BSP] 68f43eef32fce85213b114f44a79c42c : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

--------------------------------------------------------------------

Zoek = hotovo, ale trvalo mu to6 hodin ! Nakonec to doběhlo do konce.


Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by kutik on st 20.12.2017 at 13:01:05,62.
Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\DOKUMENTY_KUTIK\PF\..Udrzba\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20.12.2017 13:02:56 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} deleted successfully

==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

Deleted from C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");

Added to C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\prefs.js:

Deleted from C:\Users\kutik\AppData\Roaming\TomTom\HOME\Profiles\xwb0ztxf.default\prefs.js:

Added to C:\Users\kutik\AppData\Roaming\TomTom\HOME\Profiles\xwb0ztxf.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\ml0336\AppData\Roaming\Mozilla\Firefox\Profiles\ah1wrycq.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");

Added to C:\Users\ml0336\AppData\Roaming\Mozilla\Firefox\Profiles\ah1wrycq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\n07z0csq.default\prefs.js:

Added to C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\n07z0csq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\kutik\AppData\Roaming\TomTom\HOME\Profiles\xwb0ztxf.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ml0336\AppData\Roaming\Mozilla\Firefox\Profiles\ah1wrycq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\n07z0csq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default
- Undetermined - %ProfilePath%\extensions\check4change-owner@mozdev.org.xpi
- ClipConverter - %ProfilePath%\extensions\clipconverter@clipconverter.cc.xpi
- Undetermined - %ProfilePath%\extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi
- YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
- Undetermined - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi
- Undetermined - %ProfilePath%\extensions\sp@avast.com.xpi
- Undetermined - %ProfilePath%\extensions\wrc@avast.com.xpi
- Undetermined - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Undetermined - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\kutik\AppData\Roaming\TomTom\HOME\Profiles\xwb0ztxf.default
- Emulator - %ProfilePath%\extensions\Navcore.9.071.503856@tomtom.com

ProfilePath: C:\Users\ml0336\AppData\Roaming\Mozilla\Firefox\Profiles\ah1wrycq.default
- Undetermined - %ProfilePath%\extensions\sp@avast.com.xpi
- Undetermined - %ProfilePath%\extensions\wrc@avast.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default
E8D38E8FB6EC88E7B0E0B4D9AC9B0725 - C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll - Shockwave Flash
44D14DC7DFAF12712EE7294BA1BC58E5 - C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll - Shockwave Flash
10F6F32EABD6E39FBD56B803DB28FE8C - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
F807716F6A899CDA4036C8612C4D529A - C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U151
BFB8123460850729B6BA2E926E6677E3 - C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.1510.12
08C3C6B144EB5EBDE93263237C53DB14 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
D892C77AFA8AFABA6F474A7DA401BD7C - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
0205ADAFFDDF04F0F69200E5CFB5FFD9 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
D6BCD0765A259DB2481C082DDBD86AD7 - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin
6745B601D1F1FAB82C7AF08B20250D85 - C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll - Google Update

Profilepath: C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\n07z0csq.default
08C3C6B144EB5EBDE93263237C53DB14 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
D892C77AFA8AFABA6F474A7DA401BD7C - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.cz/?gws_rd=ssl"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\kutik\AppData\Local\Mozilla\Firefox\Profiles\9gd2k5qg.default\cache2 emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++fanzine.topzine.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++jenprocestovatele.topzine.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++nakup.itesco.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++plus.google.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++twitter.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++web.whatsapp.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++womanonly.topzine.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.airbnb.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.duolingo.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.esky.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.kiwi.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.kupi.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.letemsvetemapplem.eu\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.picodi.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.svetandroida.cz\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.theguardian.com\cache emptied successfully
C:\Users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\storage\default\https+++www.youtube.com\cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kutik\AppData\Local\Temp will be emptied at reboot
C:\Users\ml0336\AppData\Local\Temp emptied successfully
C:\Users\pc8365\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\kutik\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\kutik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on st 20.12.2017 at 18:45:08,95 ======================

-------------------------------------------------------------------------

ZEMANA= hotovo

Zemana AntiMalware 2.74.2.150 (instalační verze)
-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.12.20
Operating System : Windows 7 32-bit
Processor : 4X Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
BIOS Mode : Legacy
CUID : 12D3F716CA8DA66726CA89
Scan Type : Skenování systému
Duration : 13m 57s
Scanned Objects : 109651
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : NTK,1,3

Detected Objects
-------------------------------------------------------

wrc@avast.com
Status : Skenováno
Object : %appdata%\mozilla\firefox\profiles\9gd2k5qg.default\extensions\wrc@avast.com.xpi
MD5 : 904CC438CF06B7697F59FE962D612781
Publisher : -
Size : 707252
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Opravit
Related Objects :
Rozšíření prohlížeče - wrc@avast.com
Soubor - %appdata%\mozilla\firefox\profiles
\9gd2k5qg.default\extensions\wrc@avast.com.xpi


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0

---------------------------------------------------------------------------------------------

Combofix = hotovo

ComboFix 17-12-11.01 - kutik 20.12.2017 19:19:29.1.4 - x86
Microsoft Windows 7 Enterprise 6.1.7601.1.1250.420.1033.18.3054.1711 [GMT 1:00]
Spuštěný z: c:\dokumenty_kutik\PF\..Udrzba\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\kutik\AppData\Local\assembly\tmp
c:\users\kutik\AppData\Local\assembly\tmp\1B1NF385\__AssemblyInfo__.ini
c:\users\kutik\AppData\Local\assembly\tmp\1B1NF385\Therefore.Connectors.Office.Shared.DLL
c:\users\kutik\AppData\Local\assembly\tmp\G6ZX0MVU\__AssemblyInfo__.ini
c:\users\kutik\AppData\Local\assembly\tmp\G6ZX0MVU\Therefore.Connectors.Office.Excel.DLL
c:\users\kutik\AppData\Local\assembly\tmp\O1QD5TBJ\__AssemblyInfo__.ini
c:\users\kutik\AppData\Local\assembly\tmp\O1QD5TBJ\Therefore.Connectors.Office.Shared.DLL
c:\users\kutik\AppData\Local\assembly\tmp\SRFLFG65\__AssemblyInfo__.ini
c:\users\kutik\AppData\Local\assembly\tmp\SRFLFG65\Therefore.Connectors.Office.Excel.DLL
c:\users\ml0336\AppData\Local\assembly\tmp
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-11-20 do 2017-12-20 )))))))))))))))))))))))))))))))
.
.
2017-12-20 17:53 . 2017-12-20 17:53 181496 ----a-w- c:\windows\system32\drivers\zamguard32.sys
2017-12-20 17:53 . 2017-12-20 17:53 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2017-12-20 17:53 . 2017-12-20 17:53 -------- d-----w- c:\users\kutik\AppData\Local\Zemana
2017-12-20 17:42 . 2017-12-20 12:01 24064 ----a-w- c:\windows\zoek-delete.exe
2017-12-20 17:42 . 2017-12-20 18:25 -------- d-----w- c:\users\kutik\AppData\Local\Temp
2017-12-20 12:01 . 2017-12-20 12:01 -------- d-----w- C:\zoek_backup
2017-12-20 10:31 . 2017-12-20 10:32 -------- d-----w- c:\users\kutik\AppData\Local\Adobe
2017-12-19 21:19 . 2017-12-20 11:33 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-12-19 21:17 . 2017-12-19 22:42 -------- d-----w- c:\programdata\RogueKiller
2017-12-19 19:49 . 2017-12-19 19:49 -------- d-----w- c:\programdata\Sophos
2017-12-18 16:25 . 2017-11-29 08:11 59896 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-12-18 16:25 . 2017-12-18 16:25 -------- d-----w- c:\programdata\Malwarebytes
2017-12-18 16:17 . 2017-12-19 19:09 -------- d-----w- C:\AdwCleaner
2017-12-17 16:21 . 2017-12-17 16:21 -------- d-----w- c:\users\kutik\AppData\Local\Therefore
2017-12-17 11:59 . 2017-12-17 11:59 -------- d-----w- c:\users\kutik\AppData\Roaming\Apple Computer
2017-12-14 20:14 . 2017-12-14 20:14 -------- d-----w- c:\users\kutik\AppData\Roaming\HD Tune Pro
2017-12-14 19:15 . 2017-12-14 19:15 -------- d-----w- c:\windows\Transcend JetFlash Recovery Tool
2017-12-06 14:54 . 2017-12-06 14:54 -------- d-----w- c:\program files\Common Files\Avast Software
2017-11-25 10:42 . 2017-11-25 10:42 -------- d-----w- c:\programdata\TomTom
2017-11-25 10:41 . 2017-11-25 10:41 -------- d-----w- c:\users\kutik\AppData\Roaming\TomTom
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-12-13 09:38 . 2012-04-05 15:40 803328 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-12-13 09:38 . 2012-04-05 14:16 144896 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2017-11-16 16:39 . 2015-02-07 11:42 388760 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-11-12 15:07 . 2015-08-06 14:09 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2017-11-12 14:54 . 2015-02-07 11:42 150848 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-11-12 14:54 . 2015-02-07 11:42 298360 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-11-12 14:54 . 2015-02-07 11:42 70864 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-11-12 14:54 . 2017-11-12 14:54 157176 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2017-11-12 14:54 . 2015-02-07 11:42 124952 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-11-12 14:54 . 2015-02-07 11:42 99560 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-11-12 14:54 . 2015-02-07 11:42 42848 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-11-12 14:53 . 2017-11-12 14:54 305328 ----a-w- c:\windows\system32\aswBoot.exe
2017-11-12 14:53 . 2015-02-07 11:42 783136 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-11-12 14:53 . 2017-03-18 16:39 50376 ----a-w- c:\windows\system32\drivers\aswbunivx.sys
2017-11-12 14:53 . 2017-03-18 16:39 276728 ----a-w- c:\windows\system32\drivers\aswblogx.sys
2017-11-12 14:53 . 2017-03-18 16:39 157408 ----a-w- c:\windows\system32\drivers\aswbidshx.sys
2017-11-12 14:53 . 2017-03-18 16:39 255616 ----a-w- c:\windows\system32\drivers\aswbidsdriverx.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-11-12 14:53 1396816 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"HPConnectionManager"="c:\program files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"QLBController"="c:\program files\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2014-05-16 6506496]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2014-04-07 2453232]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-11-12 253344]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-05-27 1138783]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2017-09-05 587288]
"ZAM"="c:\dokumenty_kutik\PF\..Udrzba\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\0\0]
"Script"=\\baumax.com\NETLOGON\dwini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\1\0]
"Script"=SAPini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\2\0]
"Script"=\\Baumax.com\netlogon\PrinterChange\ChangePrinters-SKCPRINT.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\3\0]
"Script"=\\Baumax.com\NETLOGON\Signaturen\signature_sk.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\4\0]
"Script"=SAPini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\0\0]
"Script"=\\baumax.com\NETLOGON\dwini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\1\0]
"Script"=SAPini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\2\0]
"Script"=\\baumax.com\netlogon\Signaturen\xx_st_signature_cz.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
2016-10-08 16:04 2138272 ----a-w- c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
2014-10-31 15:41 2066432 ----a-w- c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicPlusHelper]
2014-08-27 17:25 2499240 ----a-w- c:\dokumenty_kutik\PF\Lenovo_MagicPlus\MagicPlus_helper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
2012-02-28 13:53 190768 ----a-w- c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2017-10-06 11:38 27832264 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2017-07-18 12:00 254840 ----a-w- c:\dokumenty_kutik\PF\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2004-12-20 18:41 33792 ----a-w- c:\dokumenty_kutik\PF\Winamp\winampa.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2017-11-12 150848]
R2 MBAMService;Malwarebytes Service;c:\dokumenty_kutik\PF\..Udrzba\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
R2 MbnExt;Mobile Broadband Extension Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 Microsoft DirectX Configuration Service;Microsoft DirectX Configuration Service;c:\windows\system32\dxconfig.exe [2016-02-19 64512]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe [2017-11-12 5904136]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys [2017-11-12 42848]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DwMirror;DwMirror;c:\windows\system32\DRIVERS\DamewareMini.sys [2008-03-14 3712]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6032.sys [2009-07-13 164864]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TheConversionServer;Therefore™ Conversion Service;c:\program files\Therefore\TheConversionServer.exe [2013-09-30 44352]
R3 TheInstaller;Therefore™ Installer Service;c:\program files\Therefore\TheInstaller.exe [2013-09-30 119616]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1343400]
R4 ADExchange;ArcSoft Exchange Service;c:\program files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-02-16 43112]
R4 BWMeterConSvc;BWMeter Connections Service;c:\dokumenty_kutik\PF\BWMeter\BWMeterConSvc.exe [x]
R4 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service;c:\program files\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-04-14 186488]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2017-07-18 317408]
R4 TomTomHOMEService;TomTomHOMEService;c:\dokumenty_kutik\PF\TomTom HOME 2\TomTomHOMEService.exe [2017-07-18 99704]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidshx.sys [2017-11-12 157408]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswblogx.sys [2017-11-12 276728]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbunivx.sys [2017-11-12 50376]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2017-11-12 70864]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2017-11-12 298360]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys [2017-11-12 157176]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriverx.sys [2017-11-12 255616]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2017-09-05 39784]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2017-11-12 783136]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2017-11-16 388760]
S1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\DRIVERS\dwvkbd.sys [2008-03-13 26624]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam32.sys [2017-12-20 181496]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard32.sys [2017-12-20 181496]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-01-22 176128]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2017-11-12 124952]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-05-16 197536]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-06-20 523680]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-02-28 26496]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2012-03-20 2325584]
S2 ZAMSvc;ZAM Controller Service;c:\dokumenty_kutik\PF\..Udrzba\Zemana AntiMalware\ZAM.exe [2017-08-09 15775888]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2012-02-27 145496]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBPROTECTION
*NewlyCreated* - ZAM
*NewlyCreated* - ZAM_GUARD
*Deregistered* - ESProtectionDriver
*Deregistered* - MBAMFarflt
*Deregistered* - MBAMProtection
*Deregistered* - MBAMSwissArmy
*Deregistered* - MBAMWebProtection
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-07-31 22:31 324080 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
------- Doplňkový sken -------
.
mStart Page =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: vieconnect.at\bmx
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\n07z0csq.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-KeepVidProUpdateHelper - c:\dokumenty_kutik\PF\KeepVid Pro\KeepVidProUpdateHelper.exe
MSConfigStartUp-OSDownloader - c:\dokumenty_kutik\PF\OSDownloader\OSDownloader.exe
MSConfigStartUp-OSDownloaderUpdate - c:\dokumenty_kutik\PF\OSDownloader\OSDownloaderUpdate.exe
MSConfigStartUp-Spotify - c:\users\kutik\AppData\Roaming\Spotify\Spotify.exe
MSConfigStartUp-Spotify Web Helper - c:\users\kutik\AppData\Roaming\Spotify\SpotifyWebHelper.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2017-12-20 19:26:52
ComboFix-quarantined-files.txt 2017-12-20 18:26
.
Před spuštěním: Volných bajtů: 112 271 351 808
Po spuštění: Volných bajtů: 112 157 896 704
.
- - End Of File - - 44D2A1A1EFE0FF5A06D8DCA9FFC9EC44
A36C5E4F47E84449FF07ED3517B43A31

----------------------------------------------------------------

VŠE HOTOVO.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 20 pro 2017 20:54

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\0\0]
"Script"=\\baumax.com\NETLOGON\dwini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\1\0]
"Script"=SAPini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\2\0]
"Script"=\\Baumax.com\netlogon\PrinterChange\ChangePrinters-SKCPRINT.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\3\0]
"Script"=\\Baumax.com\NETLOGON\Signaturen\signature_sk.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\4\0]
"Script"=SAPini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\0\0]
"Script"=\\baumax.com\NETLOGON\dwini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\1\0]
"Script"=SAPini.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\2\0]
"Script"=\\baumax.com\netlogon\Signaturen\xx_st_signature_cz.bat

říká Ti to něco?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 21 pro 2017 10:37

Tohle bude souviset s mojí bývalou prací. Už tam nejsem a nepoužívám to, takže za mě to může pryč.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 21 pro 2017 18:10

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
Folder::
c:\program files\Skype\Updater

Driver::
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\0\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\1\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\2\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\3\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-34007\Scripts\Logon\4\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\0\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\1\0]
"Script"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2074873108-841358846-564879142-8337\Scripts\Logon\2\0]
"Script"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.


Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Korzarek
nováček
Příspěvky: 42
Registrován: leden 09
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Korzarek » 21 pro 2017 21:40

Ahoj,

teď byly trochu potíže:

CFTScript jsem sestavil a pustil ho přes Combofix.
Vše běželo OK ale před restartem , kdy to v okně psalo:
Restartuji Windows, prosím čekejte
Dovolte Combofixu restartovat PC
Nesnažte se PC restartovat sami.

... se najednou postupně objevilo několik níže uvedených hlášek, které nereagovaly na odpověď "NE", takže jsem to risknul a postupně na všechny dal "ANO"
šlo o tato chybová okna:

Unable to create a backup of the current registry file
C/Windows/System32/Config/System

Continue restoration of this file?

ANO
------------
Error restoring
C/Windows/erdnt/sibs/security
to
C/Windows/System32/Config/security

Continue with the next file?
(RegReplaceKey: 5 - Přístup byl odepřen)

ANO
----------------
Unable to create a backup of the current registry file
C/Windows/System32/Config/sam

Continue restoration of this file?

ANO
-----------------------------------
Unable to create a backup of the current registry file
C/Windows/System32/Config/compon...1

Continue restoration of this file?

ANO
----------------------------------
Error restoring

C/Windows/Erdnt/subs/compon....1
to
C/Windows/System32/config/compon....1

Continue with next file?

(RegReplaceKey: 5 - Přístup byl odepřen)

ANO
--------------------------------
Následně proběhl restart a vytvořil selog:

ComboFix
17-12-11.01 - kutik 21.12.2017 20:23:14.2.4 - x86
Microsoft Windows 7 Enterprise 6.1.7601.1.1250.420.1033.18.3054.2096 [GMT 1:00]
Spuštěný z: c:\users\kutik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\kutik\Desktop\CFScript.txt.txt
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-11-21 do 2017-12-21 )))))))))))))))))))))))))))))))
.
.
2017-12-21 14:33 . 2017-12-21 14:32 118144 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
2017-12-21 14:33 . 2017-12-21 14:32 305840 ----a-w- c:\windows\system32\aswBoot.exe
2017-12-20 17:53 . 2017-12-20 17:53 181496 ----a-w- c:\windows\system32\drivers\zamguard32.sys
2017-12-20 17:53 . 2017-12-20 17:53 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2017-12-20 17:53 . 2017-12-20 17:53 -------- d-----w- c:\users\kutik\AppData\Local\Zemana
2017-12-20 17:42 . 2017-12-20 12:01 24064 ----a-w- c:\windows\zoek-delete.exe
2017-12-20 17:42 . 2017-12-21 19:51 -------- d-----w- c:\users\kutik\AppData\Local\Temp
2017-12-20 12:01 . 2017-12-20 12:01 -------- d-----w- C:\zoek_backup
2017-12-20 10:31 . 2017-12-20 10:32 -------- d-----w- c:\users\kutik\AppData\Local\Adobe
2017-12-19 21:19 . 2017-12-20 11:33 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-12-19 21:17 . 2017-12-19 22:42 -------- d-----w- c:\programdata\RogueKiller
2017-12-19 19:49 . 2017-12-19 19:49 -------- d-----w- c:\programdata\Sophos
2017-12-18 16:25 . 2017-11-29 08:11 59896 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-12-18 16:25 . 2017-12-18 16:25 -------- d-----w- c:\programdata\Malwarebytes
2017-12-18 16:17 . 2017-12-19 19:09 -------- d-----w- C:\AdwCleaner
2017-12-17 16:21 . 2017-12-17 16:21 -------- d-----w- c:\users\kutik\AppData\Local\Therefore
2017-12-17 11:59 . 2017-12-17 11:59 -------- d-----w- c:\users\kutik\AppData\Roaming\Apple Computer
2017-12-14 20:14 . 2017-12-14 20:14 -------- d-----w- c:\users\kutik\AppData\Roaming\HD Tune Pro
2017-12-14 19:15 . 2017-12-14 19:15 -------- d-----w- c:\windows\Transcend JetFlash Recovery Tool
2017-12-06 14:54 . 2017-12-06 14:54 -------- d-----w- c:\program files\Common Files\Avast Software
2017-11-25 10:42 . 2017-11-25 10:42 -------- d-----w- c:\programdata\TomTom
2017-11-25 10:41 . 2017-11-25 10:41 -------- d-----w- c:\users\kutik\AppData\Roaming\TomTom
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-12-21 14:32 . 2015-02-07 11:42 151328 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-12-21 14:32 . 2015-02-07 11:42 294680 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-12-21 14:32 . 2015-02-07 11:42 390272 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-12-21 14:32 . 2017-11-12 14:54 158224 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2017-12-21 14:32 . 2015-02-07 11:42 70832 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-12-21 14:32 . 2015-02-07 11:42 124408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-12-21 14:32 . 2015-02-07 11:42 99528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-12-21 14:32 . 2015-02-07 11:42 42824 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-12-21 14:32 . 2015-02-07 11:42 783104 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-12-21 14:32 . 2017-03-18 16:39 50344 ----a-w- c:\windows\system32\drivers\aswbunivx.sys
2017-12-21 14:32 . 2017-03-18 16:39 276696 ----a-w- c:\windows\system32\drivers\aswblogx.sys
2017-12-21 14:32 . 2017-03-18 16:39 157376 ----a-w- c:\windows\system32\drivers\aswbidshx.sys
2017-12-21 14:32 . 2017-03-18 16:39 255584 ----a-w- c:\windows\system32\drivers\aswbidsdriverx.sys
2017-12-13 09:38 . 2012-04-05 15:40 803328 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-12-13 09:38 . 2012-04-05 14:16 144896 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2017-11-16 16:39 . 2015-02-07 11:42 388760 ----a-w- c:\windows\system32\drivers\asw1aca1a31a5fb08db.tmp
2017-11-12 15:07 . 2015-08-06 14:09 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2017-11-12 14:54 . 2015-02-07 11:42 150848 ----a-w- c:\windows\system32\drivers\aswc3a2c3c324306c0e.tmp
2017-11-12 14:54 . 2015-02-07 11:42 298360 ----a-w- c:\windows\system32\drivers\aswa2ae846d0280142f.tmp
2017-11-12 14:54 . 2015-02-07 11:42 70864 ----a-w- c:\windows\system32\drivers\aswbf6d7c54dc59e913.tmp
2017-11-12 14:54 . 2017-11-12 14:54 157176 ----a-w- c:\windows\system32\drivers\aswbbc532b4ed6c2ce1.tmp
2017-11-12 14:54 . 2015-02-07 11:42 124952 ----a-w- c:\windows\system32\drivers\asw3306eb84b9e0e78c.tmp
2017-11-12 14:54 . 2015-02-07 11:42 99560 ----a-w- c:\windows\system32\drivers\asw8f1f4c5a05849ed0.tmp
2017-11-12 14:54 . 2015-02-07 11:42 42848 ----a-w- c:\windows\system32\drivers\asw3bddff34be81cea3.tmp
2017-11-12 14:53 . 2015-02-07 11:42 783136 ----a-w- c:\windows\system32\drivers\aswc9651c74ed00e46e.tmp
2017-11-12 14:53 . 2017-03-18 16:39 50376 ----a-w- c:\windows\system32\drivers\asw9c651d3d419a9901.tmp
2017-11-12 14:53 . 2017-03-18 16:39 276728 ----a-w- c:\windows\system32\drivers\aswe2ce26840fffd99b.tmp
2017-11-12 14:53 . 2017-03-18 16:39 157408 ----a-w- c:\windows\system32\drivers\asw41ced1a9d1f06045.tmp
2017-11-12 14:53 . 2017-03-18 16:39 255616 ----a-w- c:\windows\system32\drivers\asw9b2a2259489ecb02.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-12-21 14:32 1386968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"HPConnectionManager"="c:\program files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"QLBController"="c:\program files\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2014-05-16 6506496]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2014-04-07 2453232]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-12-21 246120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-05-27 1138783]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2017-09-05 587288]
"ZAM"="c:\dokumenty_kutik\PF\..Udrzba\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
2016-10-08 16:04 2138272 ----a-w- c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
2014-10-31 15:41 2066432 ----a-w- c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicPlusHelper]
2014-08-27 17:25 2499240 ----a-w- c:\dokumenty_kutik\PF\Lenovo_MagicPlus\MagicPlus_helper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
2012-02-28 13:53 190768 ----a-w- c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2017-10-06 11:38 27832264 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2017-07-18 12:00 254840 ----a-w- c:\dokumenty_kutik\PF\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2004-12-20 18:41 33792 ----a-w- c:\dokumenty_kutik\PF\Winamp\winampa.exe
.
R2 MbnExt;Mobile Broadband Extension Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys [2017-12-21 42824]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DwMirror;DwMirror;c:\windows\system32\DRIVERS\DamewareMini.sys [2008-03-14 3712]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6032.sys [2009-07-13 164864]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TheConversionServer;Therefore™ Conversion Service;c:\program files\Therefore\TheConversionServer.exe [2013-09-30 44352]
R3 TheInstaller;Therefore™ Installer Service;c:\program files\Therefore\TheInstaller.exe [2013-09-30 119616]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1343400]
R4 ADExchange;ArcSoft Exchange Service;c:\program files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-02-16 43112]
R4 BWMeterConSvc;BWMeter Connections Service;c:\dokumenty_kutik\PF\BWMeter\BWMeterConSvc.exe [x]
R4 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service;c:\program files\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-04-14 186488]
R4 TomTomHOMEService;TomTomHOMEService;c:\dokumenty_kutik\PF\TomTom HOME 2\TomTomHOMEService.exe [2017-07-18 99704]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidshx.sys [2017-12-21 157376]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswblogx.sys [2017-12-21 276696]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbunivx.sys [2017-12-21 50344]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2017-12-21 70832]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2017-12-21 294680]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys [2017-12-21 158224]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriverx.sys [2017-12-21 255584]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [2017-12-21 118144]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2017-09-05 39784]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2017-12-21 783104]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2017-12-21 390272]
S1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\DRIVERS\dwvkbd.sys [2008-03-13 26624]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae.sys [2017-11-29 59896]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam32.sys [2017-12-20 181496]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard32.sys [2017-12-20 181496]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-01-22 176128]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2017-12-21 124408]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2017-12-21 151328]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-05-16 197536]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-06-20 523680]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-02-28 26496]
S2 MBAMService;Malwarebytes Service;c:\dokumenty_kutik\PF\..Udrzba\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
S2 Microsoft DirectX Configuration Service;Microsoft DirectX Configuration Service;c:\windows\system32\dxconfig.exe [2016-02-19 64512]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2012-03-20 2325584]
S2 ZAMSvc;ZAM Controller Service;c:\dokumenty_kutik\PF\..Udrzba\Zemana AntiMalware\ZAM.exe [2017-08-09 15775888]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe [2017-12-21 5906816]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2012-02-27 145496]
S3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys [2017-12-21 91576]
S3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys [2017-12-21 40376]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys [2017-12-21 221112]
S3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys [2017-12-21 65824]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBPROTECTION
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-07-31 22:31 324080 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
------- Doplňkový sken -------
.
mStart Page =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: vieconnect.at\bmx
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\kutik\AppData\Roaming\Mozilla\Firefox\Profiles\9gd2k5qg.default\
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
c:\program files\Broadcom\Broadcom 802.11\bcmwltry.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\dokumenty_kutik\PF\Teamwiever\TeamViewer_Service.exe
c:\windows\system32\CCM\CcmExec.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\msiexec.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\dokumenty_kutik\PF\..Udrzba\Anti-Malware\mbamtray.exe
c:\program files\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\program files\AVAST Software\Avast\AvastUI.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\wbem\WmiApSrv.exe
.
**************************************************************************
.
Celkový čas: 2017-12-21 20:55:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-12-21 19:55
.
Před spuštěním: Volných bajtů: 101 630 615 552
Po spuštění: Volných bajtů: 102 742 618 112
.
- - End Of File - - 4BA74573EC86FE33A4F932D33EB2527E
A36C5E4F47E84449FF07ED3517B43A31


---------------------------------------------------
HIJACKTHIS = hotovo
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:03, on 21.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\dxconfig.exe
C:\DOKUMENTY_KUTIK\PF\..Udrzba\Anti-Malware\mbamtray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe
C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\Explorer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\RunDll32.exe
C:\DOKUMENTY_KUTIK\PF\..Udrzba\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [FreePDF Assistant] "C:\Program Files\FreePDF_XP\fpassist.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZAM] "C:\DOKUMENTY_KUTIK\PF\..Udrzba\Zemana AntiMalware\ZAM.exe" /minimized
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = BAUMAX.com
O17 - HKLM\Software\..\Telephony: DomainName = BAUMAX.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = BAUMAX.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = BAUMAX.com
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Protocol: WSKVAllmytubechrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: DameWare Mini Remote Control (dwmrcs) - SolarWinds - C:\Windows\dwrcs\dwrcs.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\DOKUMENTY_KUTIK\PF\..Udrzba\Anti-Malware\mbamservice.exe
O23 - Service: Microsoft DirectX Configuration Service - Unknown owner - C:\Windows\system32\dxconfig.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMS Task Sequence Agent (smstsmgr) - Unknown owner - C:\Windows\system32\CCM\TSManager.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\DOKUMENTY_KUTIK\PF\Teamwiever\TeamViewer_Service.exe
O23 - Service: Therefore™ Conversion Service (TheConversionServer) - Therefore Corporation - C:\Program Files\Therefore\TheConversionServer.exe
O23 - Service: Therefore™ Installer Service (TheInstaller) - Therefore Corporation - C:\Program Files\Therefore\TheInstaller.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\DOKUMENTY_KUTIK\PF\..Udrzba\Zemana AntiMalware\ZAM.exe
--
End of file - 7995 bytes
----------------------------------------------------

Pak jsem spustil ASWMBR.

Při běhu se objevila chybová hláška:
"Program Avast Antirootkit přestal pracovat."


Po stisknutí "Ukončit program" se zavřelo okno, kde běželo ASWMBR a program skončil.

Zkoušel jsem to ještě jednou, ale výsledek byl stejný.

Co teď?


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 11 hostů