Please help with checking my HJT log


Post by breb » 12 Apr 2015 21:19

Everything here has gone completely crazy.. I can barely even type..
Thanks a lot.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:07:28, on 12.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
CHROME: 41.0.2272.118

Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Windows\System32\cpuminer-x86.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\windows\system32\conhost.exe
c:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Users\Breb\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Breb\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Users\Breb\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\taskeng.exe
C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\Downloads\HijackThis (2).exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Breb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?affID=119 ... 119674EB40
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "c:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [cpuminer] C:\windows\system32\cpuminer-x86.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Breb\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Breb\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Breb\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Breb\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\tray.exe" (User '?')
O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [uTorrent] "C:\Users\Breb\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Breb\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Breb\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1504759668-3704817700-1960757950-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\tray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\tray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Dropbox.lnk = Breb\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?')
O4 - S-1-5-21-1504759668-3704817700-1960757950-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (User '?')
O4 - Startup: Dropbox.lnk = Breb\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (file missing)
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\system32\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\system32\flcdlock.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Services\IPT\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: PostgreSQL 8.4 (MyTrees) - PostgreSQL Global Development Group - C:/Program Files/MyTrees/postgresql/bin/pg_ctl.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system32\ArcVCapRender\uArcCapture.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe

--
End of file - 22003 bytes


Re: Please help

Post by jerabina » 12 Apr 2015 21:33

:shock: :shock: :shock:

Hi, I'm not surprised it isn't working for you. I had a look at it, and the computer alone must take an unbearably long time to start up + all those running items ... :D
Let's get to it; we'll start with the standard steps.

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
After that the PC should restart; if it doesn't, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log will appear (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now
- after the program finishes, a message will appear at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a prompt will appear, so choose Yes
(don't delete anything yet!).

If there are problems, run it in Safe Mode.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


Re: Please help

Post by breb » 12 Apr 2015 22:10

So here is the first log.. Thank you..

# AdwCleaner v4.201 - Log vytvořen 12/04/2015 v 21:57:33
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x86)
# Uživatelské jméno : Breb - BREB-HP
# Spuštěno z : C:\Users\Breb\Desktop\adwcleaner_4.201.exe
# Nastavení : Sken

***** [ Služby ] *****

Služba Nalezeno : BrowserProtect
Služba Nalezeno : globalUpdate
Služba Nalezeno : globalUpdatem

***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Program Files\CinemaP-1.9cV16.03
Složka Nalezeno : C:\Program Files\globalUpdate
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\StarApp
Složka Nalezeno : C:\Users\Breb\AppData\Local\globalUpdate
Složka Nalezeno : C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb
Složka Nalezeno : C:\Users\Breb\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Breb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Složka Nalezeno : C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Soubor Nalezeno : C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
Soubor Nalezeno : C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb
Soubor Nalezeno : C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
Soubor Nalezeno : C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
Soubor Nalezeno : C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\bprotector_extensions.sqlite
Soubor Nalezeno : C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\bprotector_prefs.js
Soubor Nalezeno : C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\searchplugins\BrowserProtect.xml

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : AmiUpdXp
Úloha Nalezeno : globalUpdateUpdateTaskMachineCore
Úloha Nalezeno : globalUpdateUpdateTaskMachineUA
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-3
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-6
Úloha Nalezeno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíč Nalezeno : HKCU\Software\a6d8dfe13dbf17
Klíč Nalezeno : HKCU\Software\APN PIP
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Nalezeno : HKCU\Software\BabylonToolbar
Klíč Nalezeno : HKCU\Software\CinemaP-1.9cV16.03
Klíč Nalezeno : HKCU\Software\DataMngr
Klíč Nalezeno : HKCU\Software\GlobalUpdate
Klíč Nalezeno : HKCU\Software\InstalledBrowserExtensions
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíč Nalezeno : HKCU\Software\Softonic
Klíč Nalezeno : HKLM\SOFTWARE\156eacdc-6be3-484e-958c-b1950c01381c
Klíč Nalezeno : HKLM\SOFTWARE\a6d8dfe13dbf17
Klíč Nalezeno : HKLM\SOFTWARE\Babylon
Klíč Nalezeno : HKLM\SOFTWARE\CinemaP-1.9cV16.03
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíč Nalezeno : HKLM\SOFTWARE\DataMngr
Klíč Nalezeno : HKLM\SOFTWARE\GlobalUpdate
Klíč Nalezeno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Nalezeno : HKLM\SOFTWARE\PIP
Klíč Nalezeno : HKLM\SOFTWARE\SafetyNut

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17420

Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www1.delta-search.com/?affID=119 ... 119674EB40

-\\ Mozilla Firefox v

[ik16ldyt.default] - Řádek Nalezeno : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=119816&tt=220413_www1&babsrc=NT_ss&mntrId=A06608119674EB40");
[ik16ldyt.default] - Řádek Nalezeno : user_pref("browser.search.defaultenginename", "Delta Search");
[ik16ldyt.default] - Řádek Nalezeno : user_pref("browser.search.selectedEngine", "Delta Search");
[ik16ldyt.default] - Řádek Nalezeno : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?affID=119816&tt=220413_www1&babsrc=HP_ss&mntrId=A06608119674EB40");

-\\ Google Chrome v

[C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=220413_www1&babsrc=SP_ss&mntrId=A06608119674EB40
[C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://www.booking.com/searchresults.cs ... e%2Cdi;ss={searchTerms};label=opensearch-plugin
[C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://www.caj-kava.eu/index.php?sec=ad ... key_words={searchTerms}&x=0&y=0
[C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : acklnhgjphbhhomkneonohbjnbmkclfb
[C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Startup_URLs] : hxxp://isearch.avg.com/?cid={F1FA5028-D9F1-4BDF-9AF4-8CF9A9E59FEB}&mid=9d3828b1162f8536be880886838f6519-75198bd1d307bd864fb453cf40fc2cb46a85d067&lang=cs&ds=AVG&pr=pr&d=2012-01-08 17:14:06&v=14.0.3.14&pid=avg&sg=&sap=hp

*************************

AdwCleaner[R0].txt - [12104 bytů] - [12/04/2015 21:57:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12163 bytů] ##########

breb

Re: Please help me

Post by breb » 12 Apr 2015 22:39

And here is the second log.. How can you make sense of this? :)
Thanks for the help.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.4.2015
Čas skenování: 22:05:45
Protokol: Malware.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.12.03
Databáze rootkitů: v2015.03.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Breb

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 358204
Uplynulý čas: 30 min, 11 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 37
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [3f748cdf8dfd072fba8a3e3602017789],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [9c17fd6e5436ed49f4e6ba8004ff6b95],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\CinemaP-1.9cV16.03, , [4c6777f40c7ecb6b84efae3425def10f],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\CinemaP-1.9cV16.03-nv, , [e9caf07bf199e6509cd735ad13f0db25],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [565de685d0bacd69482b29b9e320b24e],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\DataMngr, , [8f24eb80a9e1ca6cd9b6cc28ce35f40c],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE, , [fbb8b0bbb7d34fe72895ea00d62dc838],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [e0d3541795f5a2945b240003bb4942be],
PUP.Software.Updater, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, , [971c32391278bd79fdc79383f90b5fa1],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [5162ea81e5a546f0889dea5d976ebe42],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [ad063437c4c67cbad65081c6679e738d],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv, , [2192abc03b4fea4c0a6aeaf8af545ea2],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [3d7685e60783d660d99b26bc7d8625db],
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\BabylonToolbar, , [9f148ae1b9d1f83edce9ab7d9e67a759],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\CinemaP-1.9cV16.03, , [f7bc0a6186044cea70046280c142d030],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\CinemaP-1.9cV16.03-nv, , [ad062c3fe8a23ef80f65855dac57916f],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [3a7994d73f4b93a3f97beef450b3be42],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\DataMngr, , [c7ec71fad4b6da5c6b9a5bcab84db749],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [397a006b96f4bf77d66a42f7c83d1ae6],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [7d361e4d830796a05cedbe00dd2615eb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [bdf65714731773c3198304db15ee35cb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV16.03, , [00b3d893d3b7ac8adc9808cc5ca76c94],
PUP.Optional.BProtector.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, , [edc6c9a248421620153687a15ca9b34d],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CinemaP-1.9cV16.03, , [d6ddc2a96c1e1a1c3f215d4717ec6e92],

Hodnoty registru: 7
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE|path, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, , [fbb8b0bbb7d34fe72895ea00d62dc838]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, , [565d2b407515082e9a16e6d7a85bc33d]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, auto, , [7d361e4d830796a05cedbe00dd2615eb]
PUP.BProtector, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www1.delta-search.com/?affID=119 ... 119674EB40, , [ae05531873175cda36d07da80bfa946c]
PUP.BProtector, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [199abfac3951f73f65a224018d78dd23]
PUP.Optional.Delta.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=220413_www1&babsrc=SP_ss&mntrId=A06608119674EB40, , [2e85e18a6d1de84e52682033b352916f]
PUP.Optional.Babylon.A, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, , [6a490c5fef9b290d8a2c124125e0f709]

Data registru: 2
PUP.Optional.StartPage, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www1.delta-search.com/?affID=119 ... 119674EB40, Dobré: (www.google.com), Špatné: (http://www1.delta-search.com/?affID=119 ... 119674EB40),,[6e4549225e2c62d450a3cc34b353619f]
PUP.Optional.StartPage, HKU\S-1-5-21-1504759668-3704817700-1960757950-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www1.delta-search.com/?affID=119 ... 119674EB40, Dobré: (www.google.com), Špatné: (http://www1.delta-search.com/?affID=119 ... 119674EB40),,[4b6815560486eb4bac47d030d82e6e92]

Složky: 19
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\bitstreams, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Download, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Install, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline\{C2788088-5A39-430B-B953-C161BF2331CF}, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.Cinema.A, C:\Program Files\CinemaP-1.9cV16.03, , [d6ddc2a96c1e1a1c3f215d4717ec6e92],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\userCode, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\icons, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\icons\actions, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\js\api, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\js\lib, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\js\lib\popupResource, , [e4cfc0ab503a0e28783adcde27dc7888],

Soubory: 170
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Roaming\BYAIAMUF.exe, , [b30087e43f4b95a16dad1024b05621df],
PUP.Optional.Nova.A, C:\Program Files\69dc8177-a574-4dff-8461-b3267b078dcf\40882d6a-0c6a-479b-917d-dd9bf7ea5963.dll, , [f8bb78f3b5d5ce683ad3dc344cb65da3],
PUP.Optional.Nova.A, C:\Program Files\Adobe\9d5b5dfe-1daf-4852-b6fd-0ba80aa7ac4f.dll, , [d0e362099deda195789509070df5e41c],
PUP.Optional.CrossRider, C:\Program Files\CinemaP-1.9cV16.03\UninstallBrw.exe, , [53601e4da8e2fd3910246ad9e1218a76],
PUP.Optional.Bitcoin, C:\Windows\System32\acumncfqse.exe, , [5e553536404a9f97b9a09aca8d75b44c],
Trojan.BitMiner, C:\Windows\System32\dcgmncfqse.exe, , [70434b20305a44f2fd57c1b4eb17669a],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncfqse.exe, , [932035365931f4421e028cb2bc45619f],
PUP.Optional.Softonic, C:\Users\Breb\Downloads\SoftonicDownloader_for_winamp.exe, , [674c80eb127838fe039e14c3e9189a66],
PUP.Optional.OpenCandy, C:\Users\Breb\Downloads\utorrent (1).exe, , [8a29f477850543f333b4bfa36a9bf40c],
PUP.Optional.OpenCandy, C:\Users\Breb\Downloads\utorrent.exe, , [e3d00b607b0fba7ca64181e1d3329b65],
PUP.Optional.Amonetize, C:\Users\Breb\Downloads\Garmin Alpenvereinskarten 2013 Unlocked_10924_i51748671_il345.exe, , [268dcc9fcbbff343ad46280e18ea51af],
PUP.Optional.OpenCandy, C:\Users\Breb\Downloads\winamp563_full_emusic-7plus_all.exe, , [02b1006bed9d3df9766afb2c5aacf30d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6, , [4b685714e5a5b18543757575986b37c9],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7, , [5c5793d85c2e9e981b9d0cde0bf8c040],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user, , [199aa8c3fc8e1d19f3c506e4b94a0bf5],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3, , [fab9aac1b7d38da9229662881de6a759],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5, , [2291ed7e0d7da294308818d2986b7b85],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user, , [1c97df8cc7c3a59105b31ecc6f94857b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6, , [dcd73e2d97f3af872c8c5298de25718f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7, , [2b88ed7e5139ee48e8d0b2387b884bb5],
PUP.Optional.BrowserProtect.A, C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\searchplugins\BrowserProtect.xml, , [c7ec9bd0c7c3bc7a0bbca24c05feae52],
PUP.SoftwareUpdater.A, C:\Windows\System32\Tasks\AmiUpdXp, , [feb5b7b4afdb280ec46e3cb3e51e9e62],
PUP.Optional.Babylon.A, C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\searchplugins\babylon.xml, , [2192e685fa9077bf7173996b60a4e917],
PUP.Optional.BProtector.A, C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\bProtector_extensions.sqlite, , [4172a9c246445ed8a34de024d82c57a9],
PUP.Optional.BProtector.A, C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\bProtector_prefs.js, , [0aa9294297f33ff720d16a9a14f0a55b],
PUP.Software.Updater, C:\Windows\Tasks\AmiUpdXp.job, , [357e4229bbcfec4a794ab462a3612cd4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job, , [2390b0bb4d3d0432a57253f2867f0ff1],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job, , [fdb6a9c25d2d84b247d014310df8f50b],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job, , [fbb80c5fa4e640f64fc870d5f60f619f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job, , [3281e289aae01d1940d72f1654b126da],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job, , [b00390dbf991132380970144dc293ac6],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job, , [7b3838332c5e74c2d93eb590679e13ed],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job, , [c1f28fdc1a705fd71afda5a013f27e82],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job, , [8d265714e9a191a511069baa768fcd33],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [7d36b0bb6f1b2610f3337bca8a7b19e7],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [387bf378f7930b2b23044afb8f768b75],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [bdf68ae176148caaca5e8db8d530f30d],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [02b1591278120c2a0029e263ac59b34d],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\diablo130302.cl, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\diakgcn121016.cl, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\libcurl-4.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\libeay32.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\libidn-11.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\librtmp.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\libssh2.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\mncxbsla.exe, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\phatk121016.cl, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\poclbm130302.cl, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\scrypt130511.cl, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\ssleay32.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\zlib1.dll, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
Trojan.Agent.BCM, C:\Windows\inf\mncxbsla\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [fdb6b7b4cbbfd95ddabf117953b02fd1],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, , [ecc70467f991a5916ae4336ba1626f91],
PUP.Optional.Cinema.A, C:\Program Files\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.crx, , [d6ddc2a96c1e1a1c3f215d4717ec6e92],
PUP.Optional.Cinema.A, C:\Program Files\CinemaP-1.9cV16.03\bgNova.html, , [d6ddc2a96c1e1a1c3f215d4717ec6e92],
PUP.Optional.Cinema.A, C:\Program Files\CinemaP-1.9cV16.03\Uninstall.exe, , [d6ddc2a96c1e1a1c3f215d4717ec6e92],
PUP.Optional.Cinema.A, C:\Program Files\CinemaP-1.9cV16.03\utils.exe, , [d6ddc2a96c1e1a1c3f215d4717ec6e92],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\background.html, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\chromeCoreFilesIndex.txt, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\manifest.json, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\popup.html, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\Settings.json, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\manifest.xml, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins.json, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\286.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\102.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\119.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\123.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\13.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\14.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\17.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\178.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\179.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\180.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\184.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\19.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\191.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\195.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\200.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\217.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\220.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\221.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\223.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\231.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.CrossRider.A, C:\Users\Breb\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb\1.26.25_0\extensionData\plugins\232.js, , [e4cfc0ab503a0e28783adcde27dc7888],
PUP.Optional.Delta.A, C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.startup.homepage", "http://www1.delta-search.com/?affID=119816&tt=220413_www1&babsrc=HP_ss&mntrId=A06608119674EB40");), ,[b9fa2b40d1b946f01a9e1f21ab5ba060]
PUP.Optional.Delta.A, C:\Users\Breb\AppData\Roaming\Mozilla\Firefox\Profiles\ik16ldyt.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.newtab.url", "http://www1.delta-search.com/?affID=119816&tt=220413_www1&babsrc=NT_ss&mntrId=A06608119674EB40");), ,[555ecc9f1e6cc274f4f167d9f80eb947]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Orcus
Security team member

Re: Please, I really need help

Post by Orcus » 13 Apr 2015 12:04

Run MbAM again and choose "Scan Now".
When the program finishes, a message will appear; click "Quarantine All" -> "Export Log" and choose "text file", give the file a name and save it to the Desktop.
Copy the entire contents of that log here.

====================================================

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program will perform the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

====================================================

Download Junkware Removal Tool to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, run it by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.


Re: Please, I really need help

Post by breb » 13 Apr 2015 14:25

Thank you,

this time I got stuck right at the start. In MbAM, after the scan finishes, I don't get the option to put everything into quarantine. What next?

jerabina
Security team member

Re: Please, I really need help

Post by jerabina » 13 Apr 2015 15:32

Hi, so did MBAM find any infections? Take a printscreen of the window after the scan completes and attach it; I will guide you further.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your threads in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


Re: Please, I really need help

Post by breb » 13 Apr 2015 15:49

Hard to say. The printscreen is attached + I'm sending the log.
Thanks a lot.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13.4.2015
Čas skenování: 15:31:47
Protokol: log_MBAM.txt
Správce: Ano

Verze: 0.00.0.0000
Databáze malwaru: v2015.04.13.05
Databáze rootkitů: v2015.03.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Breb

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 355969
Uplynulý čas: 31 min, 56 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Attachments
prtsc.doc
(327.5 KiB) Downloaded 15 times


Re: Please, I really need help

Post by jerabina » 13 Apr 2015 15:54

You most likely already removed the infections found by MBAM during the previous scan; the log is clean. So please proceed with JRT and RogueKiller. Thank you

