Ahoj neustále mi vyskakují instalační programy nějakých programů, winrar, apod., v chromu se mi neustále mění hlavní stránka ... je to nějakej software, který nemužu v ovládacích panelech najít. odinstaloval jsem vše co šlo, ale pořád mi tu něco vyskakuje. Na můj PC chodí máti, takže kdo ví na co kde klikla. poradíte mi prosím někdo co s tím ?
HJT log :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:24, on 20. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\RemoteX\RemoteXUser.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\AirMovie\xtray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Yenkee\Gaming Mouse Driver\Monitor.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F. ... F6vv2RdNpg,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Hornet] "C:\Program Files (x86)\Yenkee\Gaming Mouse Driver\Monitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteX] "C:\Program Files (x86)\RemoteX\RemoteXUser.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN16F4C3MM05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [Viber] "C:\Users\Petr\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [TiVme Agent] C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe srec
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\ProgramData\ExtTag\Temp-Stock.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Strongla (dowtloddyr) - Unknown owner - C:\Users\Petr\AppData\Local\donelectronics.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ExtTag - Unknown owner - C:\ProgramData\\ExtTag\\ExtTag.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: CD Feature (gyvixodu) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Disk Low-res (lehicewu) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Instant Messaging Toner (lylegity) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NixSrv Service (NixSrv) - Unknown owner - C:\Program Files\NixSrv\NixSrv.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Saophase - Unknown owner - C:\ProgramData\Saophase\Saophase.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: RemoteX Server (__RemoteX__) - http://www.PEEPLEware.com - C:\Program Files (x86)\RemoteX\RemoteX.exe
O23 - Service: AirMovie Server Service (__XSERVER__) - peepleware.com - C:\Program Files (x86)\AirMovie\\xserver.exe
--
End of file - 12535 bytes
neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
-
fredik
- člen Security týmu
-
Master Level 7
- Příspěvky: 4680
- Registrován: červenec 06
- Pohlaví:
- Stav:
Offline
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
Vítej na fóru.
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
===================================================
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne, proveď sám.
===================================================
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
===================================================
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy, spusť v nouz. režimu.
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
===================================================
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne, proveď sám.
===================================================
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
===================================================
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy, spusť v nouz. režimu.
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
Pokud máte nějaký problém, tak mi neposílejte SZ/PM zprávy s logy a dejte je do fóra. Na tyto SZ není možno odpovědět
Pokud máte nějaký problém, tak mi neposílejte SZ/PM zprávy s logy a dejte je do fóra. Na tyto SZ není možno odpovědět
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
# AdwCleaner v5.008 - Logfile created 20/09/2015 at 21:44:54
# Updated 18/09/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 8 Pro (x64)
# Username : Petr - SIMLORDON
# Running from : C:\Users\Petr\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : sp_rsdrv2
Service Found : ExtTag
Service Found : NixSrv
Service Found : gyvixodu
Service Found : lehicewu
Service Found : lylegity
***** [ Folders ] *****
Folder Found : C:\Program Files\NixSrv
Folder Found : C:\Program Files (x86)\AnyProtectEx
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\RCP
Folder Found : C:\Program Files (x86)\GoHD
Folder Found : C:\Program Files (x86)\Shop and Save Up
Folder Found : C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF
Folder Found : C:\Program Files (x86)\GoHD
Folder Found : C:\Program Files (x86)\Shop and Save Up
Folder Found : C:\ProgramData\ExtTags
Folder Found : C:\ProgramData\ExtTag
Folder Found : C:\ProgramData\saophase
Folder Found : C:\ProgramData\Saophases
Folder Found : C:\ProgramData\4WdsManPro4
Folder Found : C:\ProgramData\9WdsManPro9
Folder Found : C:\ProgramData\iWdsManProi
Folder Found : C:\ProgramData\QWdsManProQ
Folder Found : C:\ProgramData\UWdsManProU
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Found : C:\Users\Petr\AppData\Local\globalUpdate
Folder Found : C:\Users\Petr\AppData\Local\Systweak
Folder Found : C:\Users\Petr\AppData\Roaming\AnyProtectEx
Folder Found : C:\Users\Petr\AppData\Roaming\istartsurf
Folder Found : C:\Users\Petr\AppData\Roaming\Systweak
Folder Found : C:\Users\Petr\AppData\Roaming\mystartsearch
Folder Found : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
***** [ Files ] *****
File Found : C:\Users\Public\Desktop\RegClean Pro.lnk
File Found : C:\Windows\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
***** [ Scheduled tasks ] *****
Task Found : ASP
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : snp
Task Found : snf
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-7
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-10_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-3
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-7
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-10_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-3
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SOFTWARE\c96f7254-a75b-42a5-9d91-3cc2cf8f591b
Key Found : HKLM\SOFTWARE\d675e2b9-0409-4297-a440-cd2c3ceb34f5
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKCU\Software\AnyProtect
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\GoHD
Key Found : HKCU\Software\Crossbrowse
Key Found : HKCU\Software\YorkNewCin
Key Found : HKCU\Software\HighDefAction
Key Found : HKCU\Software\ArenaHD
Key Found : HKCU\Software\Shop and Save Up
Key Found : HKCU\Software\MyBrowser
Key Found : HKCU\Software\OB
Key Found : HKCU\Software\GoHD
Key Found : HKCU\Software\Shop and Save Up
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\GoHD
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : HKLM\SOFTWARE\Crossbrowse
Key Found : HKLM\SOFTWARE\YorkNewCin
Key Found : HKLM\SOFTWARE\HighDefAction
Key Found : HKLM\SOFTWARE\ArenaHD
Key Found : HKLM\SOFTWARE\Shop and Save Up
Key Found : HKLM\SOFTWARE\downchecker
Key Found : HKLM\SOFTWARE\MyBrowser
Key Found : HKLM\SOFTWARE\WdsManPro
Key Found : HKLM\SOFTWARE\GoHD
Key Found : HKLM\SOFTWARE\Shop and Save Up
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
Key Found : [x64] HKCU\Software\AnyProtect
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\GoHD
Key Found : [x64] HKCU\Software\Crossbrowse
Key Found : [x64] HKCU\Software\YorkNewCin
Key Found : [x64] HKCU\Software\HighDefAction
Key Found : [x64] HKCU\Software\ArenaHD
Key Found : [x64] HKCU\Software\Shop and Save Up
Key Found : [x64] HKCU\Software\MyBrowser
Key Found : [x64] HKCU\Software\OB
Key Found : [x64] HKCU\Software\GoHD
Key Found : [x64] HKCU\Software\Shop and Save Up
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\YorkNewCin
Key Found : [x64] HKLM\SOFTWARE\HighDefAction
Key Found : [x64] HKLM\SOFTWARE\ArenaHD
Key Found : [x64] HKLM\SOFTWARE\downchecker
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\AppDataLow\Software\Crossrider
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Key Found : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\ExtTag\Temp-Stock.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\ExtTag\Stantech.dll
***** [ Web browsers ] *****
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : isearch.avg.com
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : delta-search.com
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15306 bytes] ##########
# Updated 18/09/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 8 Pro (x64)
# Username : Petr - SIMLORDON
# Running from : C:\Users\Petr\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : sp_rsdrv2
Service Found : ExtTag
Service Found : NixSrv
Service Found : gyvixodu
Service Found : lehicewu
Service Found : lylegity
***** [ Folders ] *****
Folder Found : C:\Program Files\NixSrv
Folder Found : C:\Program Files (x86)\AnyProtectEx
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\RCP
Folder Found : C:\Program Files (x86)\GoHD
Folder Found : C:\Program Files (x86)\Shop and Save Up
Folder Found : C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF
Folder Found : C:\Program Files (x86)\GoHD
Folder Found : C:\Program Files (x86)\Shop and Save Up
Folder Found : C:\ProgramData\ExtTags
Folder Found : C:\ProgramData\ExtTag
Folder Found : C:\ProgramData\saophase
Folder Found : C:\ProgramData\Saophases
Folder Found : C:\ProgramData\4WdsManPro4
Folder Found : C:\ProgramData\9WdsManPro9
Folder Found : C:\ProgramData\iWdsManProi
Folder Found : C:\ProgramData\QWdsManProQ
Folder Found : C:\ProgramData\UWdsManProU
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Found : C:\Users\Petr\AppData\Local\globalUpdate
Folder Found : C:\Users\Petr\AppData\Local\Systweak
Folder Found : C:\Users\Petr\AppData\Roaming\AnyProtectEx
Folder Found : C:\Users\Petr\AppData\Roaming\istartsurf
Folder Found : C:\Users\Petr\AppData\Roaming\Systweak
Folder Found : C:\Users\Petr\AppData\Roaming\mystartsearch
Folder Found : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
***** [ Files ] *****
File Found : C:\Users\Public\Desktop\RegClean Pro.lnk
File Found : C:\Windows\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299 )
***** [ Scheduled tasks ] *****
Task Found : ASP
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : snp
Task Found : snf
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-7
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-10_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-3
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-1-7
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-10_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-3
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-5_user
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-6
Task Found : a22065ff-036a-4dd1-ae58-e19143869784-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
Task Found : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SOFTWARE\c96f7254-a75b-42a5-9d91-3cc2cf8f591b
Key Found : HKLM\SOFTWARE\d675e2b9-0409-4297-a440-cd2c3ceb34f5
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKCU\Software\AnyProtect
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\GoHD
Key Found : HKCU\Software\Crossbrowse
Key Found : HKCU\Software\YorkNewCin
Key Found : HKCU\Software\HighDefAction
Key Found : HKCU\Software\ArenaHD
Key Found : HKCU\Software\Shop and Save Up
Key Found : HKCU\Software\MyBrowser
Key Found : HKCU\Software\OB
Key Found : HKCU\Software\GoHD
Key Found : HKCU\Software\Shop and Save Up
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\GoHD
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : HKLM\SOFTWARE\Crossbrowse
Key Found : HKLM\SOFTWARE\YorkNewCin
Key Found : HKLM\SOFTWARE\HighDefAction
Key Found : HKLM\SOFTWARE\ArenaHD
Key Found : HKLM\SOFTWARE\Shop and Save Up
Key Found : HKLM\SOFTWARE\downchecker
Key Found : HKLM\SOFTWARE\MyBrowser
Key Found : HKLM\SOFTWARE\WdsManPro
Key Found : HKLM\SOFTWARE\GoHD
Key Found : HKLM\SOFTWARE\Shop and Save Up
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
Key Found : [x64] HKCU\Software\AnyProtect
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\GoHD
Key Found : [x64] HKCU\Software\Crossbrowse
Key Found : [x64] HKCU\Software\YorkNewCin
Key Found : [x64] HKCU\Software\HighDefAction
Key Found : [x64] HKCU\Software\ArenaHD
Key Found : [x64] HKCU\Software\Shop and Save Up
Key Found : [x64] HKCU\Software\MyBrowser
Key Found : [x64] HKCU\Software\OB
Key Found : [x64] HKCU\Software\GoHD
Key Found : [x64] HKCU\Software\Shop and Save Up
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\YorkNewCin
Key Found : [x64] HKLM\SOFTWARE\HighDefAction
Key Found : [x64] HKLM\SOFTWARE\ArenaHD
Key Found : [x64] HKLM\SOFTWARE\downchecker
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\AppDataLow\Software\Crossrider
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Key Found : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&t ... JDWT301299
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\ExtTag\Temp-Stock.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\ExtTag\Stantech.dll
***** [ Web browsers ] *****
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : isearch.avg.com
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : delta-search.com
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15306 bytes] ##########
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
log z malwerebytes mi sem nejde vložit ... píše mi to, že má příliš mnoho znaků :/
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
Rozděl ho na více částí.
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 9. 2015
Čas skenování: 21:49
Protokol:
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.20.03
Databáze rootkitů: v2015.09.18.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Petr
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 397776
Uplynulý čas: 34 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 14
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-10.exe, 2196, , [d15261d18902da5c87c6d8e7ef12aa56]
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10.exe, 2296, , [c55edd55c7c45ed81e742d8ed1300ef2]
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-1-6.exe, 2332, , [ca59c270810a81b5e16cdee1a25ff709]
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6.exe, 2420, , [66bd43ef3e4d8fa79ff31c9f56abd729]
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6.exe, 2432, , [51d2c36f13788ea82c66b50614ed17e9]
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-6.exe, 2500, , [64bf87ab365533032429b80737caae52]
PUP.Optional.Amonetize, C:\Program Files\NixSrv\packages\a699dc14-a780-44f5-b686-00f264e41543\NixHost.exe, 4360, , [e73ce34f107b6cca49d1dbd416eb6b95]
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, 5480, , [8a994ee44744ba7cf5f51c9824ddbe42]
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\jnsbAA0.tmp, 3084, , [e241072bbecdf73f319fb9f138ccbc44]
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\hnsg20B1.tmp, 2720, , [e241072bbecdf73f319fb9f138ccbc44]
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\knsq59D.tmp, 3108, , [e241072bbecdf73f319fb9f138ccbc44]
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe, 3444, , [02215cd6058665d1e813b8eb11f305fb]
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe, 2808, , [6db6260c216a6cca84d4110320e3fd03]
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe, 6752, , [6db6260c216a6cca84d4110320e3fd03]
Moduly: 6
PUP.Optional.Nova, C:\Program Files (x86)\Shop and Save Up\c96f7254-a75b-42a5-9d91-3cc2cf8f591b.dll, , [6eb581b1adde40f624dd9b232dd447b9],
PUP.Optional.Nova, C:\Program Files (x86)\GoHD\d675e2b9-0409-4297-a440-cd2c3ceb34f5.dll, , [3ce729093b50ba7cb8493e8048b902fe],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Stantone.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Temp-Stock.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Temp-Stock.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Silverredkix.dll, , [29faee446625ec4a241fb26830d39070],
Klíče registru: 168
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dowtloddyr, , [8a994ee44744ba7cf5f51c9824ddbe42],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [f52eff332863b680ca356610cc359868],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [f52eff332863b680ca356610cc359868],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [f52eff332863b680ca356610cc359868],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [f52eff332863b680ca356610cc359868],
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Shop and Save Up, , [82a141f1bbd07db9e957e5c390759a66],
PUP.Optional.Downloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GoHD, , [24ffb87ab5d62f07ca2f8b2fc33eba46],
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lehicewu, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gyvixodu, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lylegity, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean Pro_is1, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean-Pro_is1, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.DownChecker, HKLM\SOFTWARE\downchecker, , [27fc53dfc5c64de97b85eb45b1526e92],
PUP.Optional.HighDefAction, HKLM\SOFTWARE\HighDefAction, , [fe25a68c1774a393c42a9d00887c9c64],
PUP.Optional.YorkNewCin, HKLM\SOFTWARE\YorkNewCin, , [f3300131701bcc6a861053748f75f808],
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD, , [7ba8c66ca1ea6bcb20e7c7c5788cb14f],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [ee3559d93d4ec76f2fc2c3d8ab59d62a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [8a99f73b4843eb4b2fc2930817edc040],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [37ec5dd5503b9a9cb14096053fc524dc],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [1d0690a2761577bf549ebbe0768e1ae6],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [f52e6bc77417c76fc131c6d515efea16],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, , [aa798aa8cfbcd26422d078236d9721df],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, , [c95ac56d5b30a78fb53d56457d872bd5],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [0f14161c583373c329c9d8c3a65e6f91],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [e043e44e0f7c4de97d757a21897b936d],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [3be8f83a6f1c88ae8f635f3c16ee36ca],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [76adc56d355678be51a1cccf28dc6799],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [c1628da5503b05316b8789127f858779],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [77acf1417813a591866cbeddc440bd43],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [1a09082abfcc72c4f4fe0c8f0ff542be],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [3de60131fd8ec5719d55adee59ab34cc],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [a182e15190fbb87ed121168581837c84],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [ba6929096a21a2946f838219976dc63a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [071c91a16a21fd39c9292a71d62e10f0],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [c26181b1fc8f73c3f0029cff8480a45c],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [26fd62d02368bc7a04eefc9f9272da26],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [3fe40a28b6d5e452ef0372295ba911ef],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [e142d75b92f9e84eb63c900b58aca55b],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [dd46999929624de922d038638e763fc1],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [180b78ba365585b14ba7bdde63a1bb45],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [a57e91a1fb90ac8afaf8396208fcf10f],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [54cf1d157318e1550fe35f3cc93bc838],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [1f0478bad8b39e98b24036651be957a9],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, , [3fe4052d7b1062d43eb29ffc877d9e62],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE, , [e63d3ef4e9a2b58107e9eface81ce31d],
PUP.Optional.CrossRider, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\32846, , [42e17db5b0db81b5d8072072e51fba46],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-1-6, , [44dfe74b94f77bbb8064870ba85c14ec],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-1-7, , [77acce640b80bb7b994bf59d62a29c64],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-10_user, , [aa797bb7fa91fd39984c078b05ff21df],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-3, , [68bbd260e7a4e0562db7830fa0641de3],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-5, , [5ec5b1817d0e3ff70fd53062877d0df3],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-5_user, , [24ff9d95216a5dd91ec6c6ccaa5ad729],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-6, , [27fc7cb6880305316a7ae6ac36ce0df3],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-7, , [cd5672c0fc8f24128e56ace61de712ee],
PUP.Optional.RegCleanerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASP, , [0a195ad8f794c4726e2d151b52b1619f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6, , [3be86bc7f49749ed1fc5642e22e239c7],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7, , [da491d155833b185b92bbad8ad57bb45],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user, , [f42f1b17a6e5e056a3417f13a55fdb25],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3, , [e93ae151701be05636aed8ba6c98aa56],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5, , [27fcca68335865d1c222f49ed52f4eb2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user, , [69bac969a1ea2313c420068c19eb3ec2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6, , [57cc88aa8209fd39776dc9c9de263ec2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7, , [f62dd2600a812313ce167022e81c9d63],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, , [0f14b77b74173afc84712576c34139c7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, , [cb58ed452269b77fc3338516b84cb848],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snf, , [4ad949e97e0d023433b03a6911f3e020],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snp, , [77ac80b259321c1a41a3178cd430d42c],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [2ff409298902eb4b0bf90dc5c63e30d0],
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\Crossbrowse, , [2df6a38f55360a2c8754b1de3dc749b7],
PUP.Optional.DownChecker, HKLM\SOFTWARE\WOW6432NODE\downchecker, , [51d26cc68704a690be42a48c1ce77f81],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD, , [f72c7fb3a3e86fc72cff1c80a55f6f91],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv, , [140fa58d5239d06698943963fa0a619f],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv-ie, , [79aa8ba7315a69cdbb71f1ab58ac718f],
PUP.Optional.HighDefAction, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, , [75aef83a2269a0969856930a976d8977],
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [27fc3200b4d7ff3737b2e45b0cf732ce],
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MyBrowser, , [66bda48ecebd3501bbbbc40aed17b14f],
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [e1420e249ceff83e8f0fdf5af90a6c94],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up, , [bf6454de0c7f03336b6bbefaea1a6e92],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv, , [81a25bd7a9e2ad893d9a4b6dc440fc04],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, , [9e85d260c8c3ab8b02d5397f0afa54ac],
PUP.Optional.WdsManPro, HKLM\SOFTWARE\WOW6432NODE\WdsManPro, , [39ea11217813c86e9952696509fb9967],
PUP.Optional.YorkNewCin, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, , [55ce3cf64a41ad89fa9cbb0cc93b9b65],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [bd66fd35b9d29d9983534b47f410ca36],
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, , [7ea5fc360a815dd90205b2da867e20e0],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [43e07bb7becd6dc99a577d1e0400b749],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [879c12201a710d29658c1883e222e719],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [5fc4e151d7b448ee4aa79cff669e966a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [6fb4ca68a0eb75c1cf237229a16314ec],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [cd5636fc1c6f0e2827cbf5a648bc738d],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, , [121153dff09b6acc688a6a3193710cf4],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, , [988bae8489023105a2507328aa5a01ff],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [24ffc0724744c472955d1487db29c040],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [a182939fdead092d40b2e1baa3615ea2],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [7fa40e24d3b881b5e30f1c7f659f4eb2],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [64bfc969b2d9fb3bde14346713f1629e],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [a97a082a7417e056de143665ac58bb45],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [65bedf537b107abc37bbd3c88e76f808],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [7aa947ebcebd79bd3cb6f2a9ea1a867a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [3ce7141ef09b58de6092405b838132ce],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [ab78c2709cef63d314ded1cadd27649c],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [d74c939fa8e37cbac2306a31788c60a0],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [f52eb181711aac8ac42ecdce956f5ca4],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [a67d50e25e2d48eef6fc7a21877d11ef],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [46dd0032c0cbc175f5fd7f1c9272f010],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [160dda58d2b967cf5999cccfb64e04fc],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [69ba1d150289e0560ee4d7c4a55f7b85],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [e340de542764e551de144b50d82cd62a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [40e302304c3f62d4f7fb0c8fc044c53b],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [63c02f03e5a69c9a14de316a22e20ef2],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [fe2578ba5a319d99985a306b55af6997],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [0122dd558dfec86eb43e4c4fc1439c64],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE, , [f72c969c1d6e2c0a9e525f3c2dd7f50b],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, , [210254de058649ed3bb93f5c986c31cf],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\32846, , [bd66ce64553658de29b697fb0afad927],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, , [69ba89a9345748eeb7209ddf45bf659b],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [1b08d062c8c30a2c5aaaf7dbc93b6f91],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [849f10222b60280e8268ccf721e317e9],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [36edae84e5a6ff37ef09d4c720e48080],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [2102ed453f4c4de9e2156e2d7c882ed2],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, , [ea39161c95f601358dfd9f149d679f61],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [ec37a1915c2f73c30433bd8652b1956b],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, , [02215cd6058665d1e813b8eb11f305fb],
PUP.Optional.ProtectWindowsManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WDSMANPRO, , [2cf7d45e791257df36c489a60af951af],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv, , [f231fd357219ad897ea95b4159abb64a],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv-ie, , [b66d3cf63a5124129394b5e7c73de11f],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv, , [5bc874bea0eb9b9bca0b1b9d9f65ca36],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv-ie, , [a3808ba795f6092d4293cfe95aaab54b],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [42e1e64c4249a1950091e2af00044db3],
PUP.Optional.Cinema, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaP-1.9cV19.09-nv-ie, , [75ae67cb74171d195420bbd092726b95],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaPlus-3.2cV19.09-nv-ie, , [140f68ca69220432698e0d7ef90b619f],
PUP.Optional.CrossBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Crossbrowse, , [d64d3af8a4e7ca6c4c8a98f75fa503fd],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD, , [61c29999b1da2b0b43e3dac2ba4a15eb],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv, , [4ed53ef40d7e4aeca681f0ac50b46f91],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv-ie, , [9c8770c2256681b56eb9b2eadb29e31d],
PUP.Optional.HighDefAction, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\HighDefAction, , [26fd7cb68b00ec4a11dce9b461a3f50b],
PUP.Optional.MyBrowser, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MyBrowser, , [51d27eb4f992b87e2ab4804edd2704fc],
PUP.Optional.SavePass, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SavePass 1.1-nv-ie, , [c85b65cdd9b292a476e1476e16eebd43],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up, , [150e5cd6f4972115c50fefc946be629e],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv, , [071c9f93d8b383b3d7fe9b1d6b99728e],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv-ie, , [e04361d15b30de58d104f5c3e81ced13],
PUP.Optional.YorkNewCin, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\YorkNewCin, , [4ad9cc66088396a0cacb3e891ee62fd1],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [f1323cf6315ac076b2df613043c1dd23],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\ARENAHD, , [2af9a88ad6b5c0769d4bff8cd13313ed],
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [57cc0032bbd0cd69f6fd28735da756aa],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\32846, , [53d072c08506e3530a9cabe6857f9d63],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\InstallMonetizer, , [7aa962d00784d660ad7c751dee167090],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\InstallMoon, , [7da6d161c4c73afc6dbd137f2ada659b],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, , [ef3440f2e9a23105954f1f11c63de51b],
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB, , [56cd2d053a51a98d6abfd7d7f311dd23],
PUP.Optional.RegCleanerPro, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SYSTWEAK\RegClean Pro, , [e83bb082bccfde58bfc42c87e024e51b],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SYSTWEAK\ssd, , [9c87ba78ff8cd264191d6ad98182916f],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.ExtTag, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ExtTag, , [6db6260c216a6cca84d4110320e3fd03],
Hodnoty registru: 28
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD|value, 1, , [7ba8c66ca1ea6bcb20e7c7c5788cb14f]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [3fe4052d7b1062d43eb29ffc877d9e62]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [e63d3ef4e9a2b58107e9eface81ce31d]
PUP.Optional.PCTuner, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, , [170c2c064249ce68260d7d32d2329c64]
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, , [7ea5fc360a815dd90205b2da867e20e0]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [f72c969c1d6e2c0a9e525f3c2dd7f50b]
PUP.Optional.PCTuner, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, , [4ad961d1b3d8c472e44f872814f09868]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, , [69ba89a9345748eeb7209ddf45bf659b]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [978c9c9648430f2730a882fa9d675da3]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [43e0c969d0bb50e69049d3a92ed68977]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gyvixodu|ImagePath, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\hnsg20B1.tmp, , [f82b55ddcebd46f04cb0476337cdbb45]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lehicewu|ImagePath, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\jnsbAA0.tmp, , [34eff83a29623afc5e9d55557391c33d]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lylegity|ImagePath, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\knsq59D.tmp, , [d54e75bd6229f145b843baf07c88847c]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, , [02215cd6058665d1e813b8eb11f305fb]
PUP.Optional.ProtectWindowsManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WdsManPro|ImagePath, C:\ProgramData\2WdsManPro2\WdsManPro.exe -service, , [2cf7d45e791257df36c489a60af951af]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, , [0e152012cdbe58dea62d891a2ed603fd]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F. ... llDate=19., , [919279b9c7c4fd39f6dee9ba37cd9c64]
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\ARENAHD|value, 1, , [2af9a88ad6b5c0769d4bff8cd13313ed]
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [57cc0032bbd0cd69f6fd28735da756aa]
PUP.Optional.PCTuner, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\HIGHDEFACTION|value, 1, , [8f94d260216a280eb976d4db2ed646ba]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, , [ef3440f2e9a23105954f1f11c63de51b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [6ab979b9d6b550e6f9dc176556ae0df3]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [57cc4de5404b9e985d79027a6d97847c]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype20, 9/19/15 22:21:16, , [56cd2d053a51a98d6abfd7d7f311dd23]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype24, 9/19/15 22:21:16, , [2bf8d85aa1eaf1450c1d4f5ffd078e72]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype27, 9/19/15 22:21:16, , [44df3bf7cbc095a1e940288690742dd3]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype21, 9/19/15 22:22:31, , [76ade1514d3e9b9b2cfd743a07fd6a96]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype15, 9/19/15 22:24:39, , [d64d5ad8c4c78aacde4baa04ed1718e8]
www.malwarebytes.org
Datum skenování: 20. 9. 2015
Čas skenování: 21:49
Protokol:
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.20.03
Databáze rootkitů: v2015.09.18.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Petr
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 397776
Uplynulý čas: 34 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 14
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-10.exe, 2196, , [d15261d18902da5c87c6d8e7ef12aa56]
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10.exe, 2296, , [c55edd55c7c45ed81e742d8ed1300ef2]
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-1-6.exe, 2332, , [ca59c270810a81b5e16cdee1a25ff709]
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6.exe, 2420, , [66bd43ef3e4d8fa79ff31c9f56abd729]
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6.exe, 2432, , [51d2c36f13788ea82c66b50614ed17e9]
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-6.exe, 2500, , [64bf87ab365533032429b80737caae52]
PUP.Optional.Amonetize, C:\Program Files\NixSrv\packages\a699dc14-a780-44f5-b686-00f264e41543\NixHost.exe, 4360, , [e73ce34f107b6cca49d1dbd416eb6b95]
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, 5480, , [8a994ee44744ba7cf5f51c9824ddbe42]
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\jnsbAA0.tmp, 3084, , [e241072bbecdf73f319fb9f138ccbc44]
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\hnsg20B1.tmp, 2720, , [e241072bbecdf73f319fb9f138ccbc44]
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\knsq59D.tmp, 3108, , [e241072bbecdf73f319fb9f138ccbc44]
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe, 3444, , [02215cd6058665d1e813b8eb11f305fb]
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe, 2808, , [6db6260c216a6cca84d4110320e3fd03]
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe, 6752, , [6db6260c216a6cca84d4110320e3fd03]
Moduly: 6
PUP.Optional.Nova, C:\Program Files (x86)\Shop and Save Up\c96f7254-a75b-42a5-9d91-3cc2cf8f591b.dll, , [6eb581b1adde40f624dd9b232dd447b9],
PUP.Optional.Nova, C:\Program Files (x86)\GoHD\d675e2b9-0409-4297-a440-cd2c3ceb34f5.dll, , [3ce729093b50ba7cb8493e8048b902fe],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Stantone.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Temp-Stock.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Temp-Stock.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Silverredkix.dll, , [29faee446625ec4a241fb26830d39070],
Klíče registru: 168
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dowtloddyr, , [8a994ee44744ba7cf5f51c9824ddbe42],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [f52eff332863b680ca356610cc359868],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [f52eff332863b680ca356610cc359868],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [f52eff332863b680ca356610cc359868],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [f52eff332863b680ca356610cc359868],
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Shop and Save Up, , [82a141f1bbd07db9e957e5c390759a66],
PUP.Optional.Downloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GoHD, , [24ffb87ab5d62f07ca2f8b2fc33eba46],
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lehicewu, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gyvixodu, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lylegity, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean Pro_is1, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean-Pro_is1, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.DownChecker, HKLM\SOFTWARE\downchecker, , [27fc53dfc5c64de97b85eb45b1526e92],
PUP.Optional.HighDefAction, HKLM\SOFTWARE\HighDefAction, , [fe25a68c1774a393c42a9d00887c9c64],
PUP.Optional.YorkNewCin, HKLM\SOFTWARE\YorkNewCin, , [f3300131701bcc6a861053748f75f808],
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD, , [7ba8c66ca1ea6bcb20e7c7c5788cb14f],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [ee3559d93d4ec76f2fc2c3d8ab59d62a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [8a99f73b4843eb4b2fc2930817edc040],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [37ec5dd5503b9a9cb14096053fc524dc],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [1d0690a2761577bf549ebbe0768e1ae6],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [f52e6bc77417c76fc131c6d515efea16],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, , [aa798aa8cfbcd26422d078236d9721df],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, , [c95ac56d5b30a78fb53d56457d872bd5],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [0f14161c583373c329c9d8c3a65e6f91],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [e043e44e0f7c4de97d757a21897b936d],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [3be8f83a6f1c88ae8f635f3c16ee36ca],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [76adc56d355678be51a1cccf28dc6799],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [c1628da5503b05316b8789127f858779],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [77acf1417813a591866cbeddc440bd43],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [1a09082abfcc72c4f4fe0c8f0ff542be],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [3de60131fd8ec5719d55adee59ab34cc],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [a182e15190fbb87ed121168581837c84],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [ba6929096a21a2946f838219976dc63a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [071c91a16a21fd39c9292a71d62e10f0],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [c26181b1fc8f73c3f0029cff8480a45c],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [26fd62d02368bc7a04eefc9f9272da26],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [3fe40a28b6d5e452ef0372295ba911ef],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [e142d75b92f9e84eb63c900b58aca55b],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [dd46999929624de922d038638e763fc1],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [180b78ba365585b14ba7bdde63a1bb45],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [a57e91a1fb90ac8afaf8396208fcf10f],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [54cf1d157318e1550fe35f3cc93bc838],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [1f0478bad8b39e98b24036651be957a9],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, , [3fe4052d7b1062d43eb29ffc877d9e62],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE, , [e63d3ef4e9a2b58107e9eface81ce31d],
PUP.Optional.CrossRider, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\32846, , [42e17db5b0db81b5d8072072e51fba46],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-1-6, , [44dfe74b94f77bbb8064870ba85c14ec],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-1-7, , [77acce640b80bb7b994bf59d62a29c64],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-10_user, , [aa797bb7fa91fd39984c078b05ff21df],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-3, , [68bbd260e7a4e0562db7830fa0641de3],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-5, , [5ec5b1817d0e3ff70fd53062877d0df3],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-5_user, , [24ff9d95216a5dd91ec6c6ccaa5ad729],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-6, , [27fc7cb6880305316a7ae6ac36ce0df3],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\a22065ff-036a-4dd1-ae58-e19143869784-7, , [cd5672c0fc8f24128e56ace61de712ee],
PUP.Optional.RegCleanerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASP, , [0a195ad8f794c4726e2d151b52b1619f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6, , [3be86bc7f49749ed1fc5642e22e239c7],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7, , [da491d155833b185b92bbad8ad57bb45],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user, , [f42f1b17a6e5e056a3417f13a55fdb25],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3, , [e93ae151701be05636aed8ba6c98aa56],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5, , [27fcca68335865d1c222f49ed52f4eb2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user, , [69bac969a1ea2313c420068c19eb3ec2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6, , [57cc88aa8209fd39776dc9c9de263ec2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7, , [f62dd2600a812313ce167022e81c9d63],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, , [0f14b77b74173afc84712576c34139c7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, , [cb58ed452269b77fc3338516b84cb848],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snf, , [4ad949e97e0d023433b03a6911f3e020],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snp, , [77ac80b259321c1a41a3178cd430d42c],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [2ff409298902eb4b0bf90dc5c63e30d0],
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\Crossbrowse, , [2df6a38f55360a2c8754b1de3dc749b7],
PUP.Optional.DownChecker, HKLM\SOFTWARE\WOW6432NODE\downchecker, , [51d26cc68704a690be42a48c1ce77f81],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD, , [f72c7fb3a3e86fc72cff1c80a55f6f91],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv, , [140fa58d5239d06698943963fa0a619f],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv-ie, , [79aa8ba7315a69cdbb71f1ab58ac718f],
PUP.Optional.HighDefAction, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, , [75aef83a2269a0969856930a976d8977],
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [27fc3200b4d7ff3737b2e45b0cf732ce],
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MyBrowser, , [66bda48ecebd3501bbbbc40aed17b14f],
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [e1420e249ceff83e8f0fdf5af90a6c94],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up, , [bf6454de0c7f03336b6bbefaea1a6e92],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv, , [81a25bd7a9e2ad893d9a4b6dc440fc04],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, , [9e85d260c8c3ab8b02d5397f0afa54ac],
PUP.Optional.WdsManPro, HKLM\SOFTWARE\WOW6432NODE\WdsManPro, , [39ea11217813c86e9952696509fb9967],
PUP.Optional.YorkNewCin, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, , [55ce3cf64a41ad89fa9cbb0cc93b9b65],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [bd66fd35b9d29d9983534b47f410ca36],
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, , [7ea5fc360a815dd90205b2da867e20e0],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [43e07bb7becd6dc99a577d1e0400b749],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [879c12201a710d29658c1883e222e719],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [5fc4e151d7b448ee4aa79cff669e966a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [6fb4ca68a0eb75c1cf237229a16314ec],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [cd5636fc1c6f0e2827cbf5a648bc738d],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, , [121153dff09b6acc688a6a3193710cf4],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, , [988bae8489023105a2507328aa5a01ff],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [24ffc0724744c472955d1487db29c040],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [a182939fdead092d40b2e1baa3615ea2],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [7fa40e24d3b881b5e30f1c7f659f4eb2],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [64bfc969b2d9fb3bde14346713f1629e],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [a97a082a7417e056de143665ac58bb45],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [65bedf537b107abc37bbd3c88e76f808],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [7aa947ebcebd79bd3cb6f2a9ea1a867a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [3ce7141ef09b58de6092405b838132ce],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [ab78c2709cef63d314ded1cadd27649c],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [d74c939fa8e37cbac2306a31788c60a0],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [f52eb181711aac8ac42ecdce956f5ca4],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [a67d50e25e2d48eef6fc7a21877d11ef],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [46dd0032c0cbc175f5fd7f1c9272f010],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [160dda58d2b967cf5999cccfb64e04fc],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [69ba1d150289e0560ee4d7c4a55f7b85],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [e340de542764e551de144b50d82cd62a],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [40e302304c3f62d4f7fb0c8fc044c53b],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [63c02f03e5a69c9a14de316a22e20ef2],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [fe2578ba5a319d99985a306b55af6997],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [0122dd558dfec86eb43e4c4fc1439c64],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE, , [f72c969c1d6e2c0a9e525f3c2dd7f50b],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, , [210254de058649ed3bb93f5c986c31cf],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\32846, , [bd66ce64553658de29b697fb0afad927],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, , [69ba89a9345748eeb7209ddf45bf659b],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [1b08d062c8c30a2c5aaaf7dbc93b6f91],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [849f10222b60280e8268ccf721e317e9],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [36edae84e5a6ff37ef09d4c720e48080],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [2102ed453f4c4de9e2156e2d7c882ed2],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, , [ea39161c95f601358dfd9f149d679f61],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [ec37a1915c2f73c30433bd8652b1956b],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, , [02215cd6058665d1e813b8eb11f305fb],
PUP.Optional.ProtectWindowsManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WDSMANPRO, , [2cf7d45e791257df36c489a60af951af],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv, , [f231fd357219ad897ea95b4159abb64a],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv-ie, , [b66d3cf63a5124129394b5e7c73de11f],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv, , [5bc874bea0eb9b9bca0b1b9d9f65ca36],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv-ie, , [a3808ba795f6092d4293cfe95aaab54b],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [42e1e64c4249a1950091e2af00044db3],
PUP.Optional.Cinema, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaP-1.9cV19.09-nv-ie, , [75ae67cb74171d195420bbd092726b95],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaPlus-3.2cV19.09-nv-ie, , [140f68ca69220432698e0d7ef90b619f],
PUP.Optional.CrossBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Crossbrowse, , [d64d3af8a4e7ca6c4c8a98f75fa503fd],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD, , [61c29999b1da2b0b43e3dac2ba4a15eb],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv, , [4ed53ef40d7e4aeca681f0ac50b46f91],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv-ie, , [9c8770c2256681b56eb9b2eadb29e31d],
PUP.Optional.HighDefAction, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\HighDefAction, , [26fd7cb68b00ec4a11dce9b461a3f50b],
PUP.Optional.MyBrowser, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MyBrowser, , [51d27eb4f992b87e2ab4804edd2704fc],
PUP.Optional.SavePass, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SavePass 1.1-nv-ie, , [c85b65cdd9b292a476e1476e16eebd43],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up, , [150e5cd6f4972115c50fefc946be629e],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv, , [071c9f93d8b383b3d7fe9b1d6b99728e],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv-ie, , [e04361d15b30de58d104f5c3e81ced13],
PUP.Optional.YorkNewCin, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\YorkNewCin, , [4ad9cc66088396a0cacb3e891ee62fd1],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [f1323cf6315ac076b2df613043c1dd23],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\ARENAHD, , [2af9a88ad6b5c0769d4bff8cd13313ed],
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [57cc0032bbd0cd69f6fd28735da756aa],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\32846, , [53d072c08506e3530a9cabe6857f9d63],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\InstallMonetizer, , [7aa962d00784d660ad7c751dee167090],
PUP.Optional.CrossRider, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\InstallMoon, , [7da6d161c4c73afc6dbd137f2ada659b],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, , [ef3440f2e9a23105954f1f11c63de51b],
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB, , [56cd2d053a51a98d6abfd7d7f311dd23],
PUP.Optional.RegCleanerPro, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SYSTWEAK\RegClean Pro, , [e83bb082bccfde58bfc42c87e024e51b],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SYSTWEAK\ssd, , [9c87ba78ff8cd264191d6ad98182916f],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.ExtTag, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ExtTag, , [6db6260c216a6cca84d4110320e3fd03],
Hodnoty registru: 28
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD|value, 1, , [7ba8c66ca1ea6bcb20e7c7c5788cb14f]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [3fe4052d7b1062d43eb29ffc877d9e62]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [e63d3ef4e9a2b58107e9eface81ce31d]
PUP.Optional.PCTuner, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, , [170c2c064249ce68260d7d32d2329c64]
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, , [7ea5fc360a815dd90205b2da867e20e0]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [f72c969c1d6e2c0a9e525f3c2dd7f50b]
PUP.Optional.PCTuner, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, , [4ad961d1b3d8c472e44f872814f09868]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, , [69ba89a9345748eeb7209ddf45bf659b]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [978c9c9648430f2730a882fa9d675da3]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [43e0c969d0bb50e69049d3a92ed68977]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gyvixodu|ImagePath, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\hnsg20B1.tmp, , [f82b55ddcebd46f04cb0476337cdbb45]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lehicewu|ImagePath, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\jnsbAA0.tmp, , [34eff83a29623afc5e9d55557391c33d]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lylegity|ImagePath, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\knsq59D.tmp, , [d54e75bd6229f145b843baf07c88847c]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, , [02215cd6058665d1e813b8eb11f305fb]
PUP.Optional.ProtectWindowsManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WdsManPro|ImagePath, C:\ProgramData\2WdsManPro2\WdsManPro.exe -service, , [2cf7d45e791257df36c489a60af951af]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, , [0e152012cdbe58dea62d891a2ed603fd]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F. ... llDate=19., , [919279b9c7c4fd39f6dee9ba37cd9c64]
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\ARENAHD|value, 1, , [2af9a88ad6b5c0769d4bff8cd13313ed]
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [57cc0032bbd0cd69f6fd28735da756aa]
PUP.Optional.PCTuner, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\HIGHDEFACTION|value, 1, , [8f94d260216a280eb976d4db2ed646ba]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, , [ef3440f2e9a23105954f1f11c63de51b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [6ab979b9d6b550e6f9dc176556ae0df3]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, , [57cc4de5404b9e985d79027a6d97847c]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype20, 9/19/15 22:21:16, , [56cd2d053a51a98d6abfd7d7f311dd23]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype24, 9/19/15 22:21:16, , [2bf8d85aa1eaf1450c1d4f5ffd078e72]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype27, 9/19/15 22:21:16, , [44df3bf7cbc095a1e940288690742dd3]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype21, 9/19/15 22:22:31, , [76ade1514d3e9b9b2cfd743a07fd6a96]
PUP.Optional.OutBrowse, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\OB|monitype15, 9/19/15 22:24:39, , [d64d5ad8c4c78aacde4baa04ed1718e8]
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
Data registru: 13
PUP.Optional.ExtTag, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ExtTag\Stantech.dll, Dobré: (), Špatné: (C:\ProgramData\ExtTag\Stantech.dll),,[6db6260c216a6cca84d4110320e3fd03]
PUP.Optional.ExtTag, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ExtTag\Temp-Stock.dll, Dobré: (), Špatné: (C:\ProgramData\ExtTag\Temp-Stock.dll),,[6db6260c216a6cca84d4110320e3fd03]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299, Dobré: (Chrome.exe), Špatné: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299),,[9a89c36fd1ba261025df214721e4ce32]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299),,[2af95dd5deade84e172a551362a30df3]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299, Dobré: (Chrome.exe), Špatné: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299),,[28fbf24043480333877d8cdc51b4bd43]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299),,[44df70c28308dc5a62dfc4a4fd088779]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[69ba78baef9c5fd7e6430072b94c926e]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[30f3f04243488babd0531e5434d1e51b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F. ... 6vv2RdNpg,, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F. ... F6vv2RdNpg,),,[48db131f206b74c223014a2834d1be42]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[25fe60d2e5a69c9a55cef2809e67f40c]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[a57e072b94f78caa69baa2d038cd629e]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[f33061d184079b9b69bcc7ab7d887c84]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[f42f8ea478136dc986a079f9976e7b85]
Složky: 43
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up, , [f033ea48f59664d2601019782cd828d8],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD, , [ee35d55d4942300622fa4c50887ca759],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Petr\AppData\Roaming\istartsurf, , [42e135fdd9b2be787682bc42c33fa25e],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Roaming\mystartsearch, , [31f2c072d0bb38fefaf06b972bd820e0],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{3AED5EC3-EB4C-4E2E-9785-4C61F0C1FC4E}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{3AED5EC3-EB4C-4E2E-9785-4C61F0C1FC4E}\1.3.25.33, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{BCFD65EB-318D-4892-B3C4-13554037EEF8}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{BCFD65EB-318D-4892-B3C4-13554037EEF8}\1.3.25.33, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Install, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Offline, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Offline\{C4C388A3-2A1B-4DDA-8E5F-88A7AFAFAB88}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\installer, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\language, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\logs, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\scan_results, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\swf, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx, , [e63d54deef9c5dd9664628dc53b0c838],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ondemand, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\temp, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.Linkury, C:\ProgramData\Saophase, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\ondemand, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\temp, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophases, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.RegCleanerPro, C:\Users\Petr\AppData\Roaming\systweak\regclean pro, , [32f15bd71675f541b2e0c06222e118e8],
PUP.Optional.VOPackage, C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [d251b1818b00181e04e82dfd30d342be],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2, , [fb288aa86724f93d7afd3bf215ee15eb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\update, , [fb288aa86724f93d7afd3bf215ee15eb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\4WdsManPro4, , [bb68d35ffa91cc6a275033fa17ecfe02],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\9WdsManPro9, , [65bebc76a0eb38fedc9bff2e2bd88c74],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\QWdsManProQ, , [32f19b978b00aa8ca9ceca6347bc6b95],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\UWdsManProU, , [9e85ef43a9e2b383a6d12d001ce7d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\UWdsManProU\update, , [9e85ef43a9e2b383a6d12d001ce7d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\iWdsManProi, , [37ece2507a11df5714632ffe8f74d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\iWdsManProi\update, , [37ece2507a11df5714632ffe8f74d32d],
Soubory: 236
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-10.exe, , [d15261d18902da5c87c6d8e7ef12aa56],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10.exe, , [c55edd55c7c45ed81e742d8ed1300ef2],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-1-6.exe, , [ca59c270810a81b5e16cdee1a25ff709],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6.exe, , [66bd43ef3e4d8fa79ff31c9f56abd729],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6.exe, , [51d2c36f13788ea82c66b50614ed17e9],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-6.exe, , [64bf87ab365533032429b80737caae52],
PUP.Optional.Amonetize, C:\Program Files\NixSrv\packages\a699dc14-a780-44f5-b686-00f264e41543\NixHost.exe, , [e73ce34f107b6cca49d1dbd416eb6b95],
PUP.Optional.Nova, C:\Program Files (x86)\Shop and Save Up\c96f7254-a75b-42a5-9d91-3cc2cf8f591b.dll, , [6eb581b1adde40f624dd9b232dd447b9],
PUP.Optional.Nova, C:\Program Files (x86)\GoHD\d675e2b9-0409-4297-a440-cd2c3ceb34f5.dll, , [3ce729093b50ba7cb8493e8048b902fe],
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, , [8a994ee44744ba7cf5f51c9824ddbe42],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe, , [f52eff332863b680ca356610cc359868],
PUP.Optional.WProtectManager, C:\ProgramData\9WdsManPro9\WdsManPro.exe, , [e83ba58dd1ba55e1200701a8cf36b54b],
PUP.Optional.WProtectManager, C:\ProgramData\iWdsManProi\WdsManPro.exe, , [c3601a182e5d0c2ace5927827e87f907],
PUP.Optional.WProtectManager, C:\ProgramData\QWdsManProQ\WdsManPro.exe, , [f82bc969701ba88e2304ecbd10f524dc],
PUP.Optional.WProtectManager, C:\ProgramData\UWdsManProU\WdsManPro.exe, , [ba690f237a1189ade1469d0c9b6a0cf4],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe, , [f0333ef42f5ce84e5a25ac0e867b42be],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe, , [c45fff33d5b641f5fe81b4068e73e61a],
PUP.Optional.CrossRider, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\5a733d5e-2e55-47ff-9935-b8f193fb87c0.dll, , [ec37d75b404b54e205a55165c43dcc34],
PUP.Optional.Nova, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\6f96fffe-2e83-451f-b16b-bf0973ac8a86.dll, , [36ed31016526fe38f50c3a84fb06da26],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\1f0612da-adbb-49ac-be02-f64b100d5099.dll, , [46dd11218dfedd5946bbc9f5936e48b8],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\31454a64-4584-414e-aa57-81b4b2ed0940.dll, , [c95ab28053388da9cedc199d847df40c],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\8579675e-0d83-428a-b94c-de013a909c63.dll, , [ea390d25385396a06a40bff77d84dd23],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\ddab2ea5-ea5b-4de7-8181-5de9a3961545.dll, , [42e1a88aaeddad890df4299523de55ab],
PUP.Optional.CrossRider, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\044ac850-89dc-4e0f-ae71-926999ab476c.dll, , [c162fe348a012610e0cab40211f05ea2],
PUP.Optional.Nova, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\8f07da27-cad3-4b7d-8612-48c7c123053a.dll, , [2cf751e1b2d9ad89b74a2d91fc0547b9],
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up\37d865c2-6010-4668-8c4f-1e45ede0af48.dll, , [25fe2b07bdcedc5a3e6c9d19738eab55],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-1-7.exe, , [36edd35fb9d2ea4c3c114679b34e30d0],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-3.exe, , [f3303df5e5a686b0ed60754a0ff25ea2],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-5.exe, , [42e15bd7187356e071dca41bcd344ab6],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-64.exe, , [70b30d25612a0c2af954dbe4aa57926e],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-7.exe, , [55ce221035565fd7014c3887a35eaf51],
PUP.Optional.InstallCore, C:\Program Files (x86)\Shop and Save Up\Uninstall.exe, , [82a141f1bbd07db9e957e5c390759a66],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\UninstallBrw.exe, , [69bac56de1aaac8a371667584bb66997],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\utils.exe, , [2003fa38d4b7f046ea633986b8493dc3],
PUP.Optional.CrossRider, C:\Program Files (x86)\GoHD\0a5d9d92-4438-4f19-8e1c-bb966a0f9088.dll, , [3fe460d2335889adfdad2e882dd48977],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7.exe, , [2ff464cef6958fa7d7bb94270bf635cb],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3.exe, , [869d6fc31a71f0465e341c9fe51c05fb],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5.exe, , [1e05320069228aac5939a11abc45a35d],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-64.exe, , [7da67fb397f406306a284f6c39c8a759],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7.exe, , [1a09f2400c7f2e08d7bb2a9150b1f60a],
PUP.Optional.Downloader, C:\Program Files (x86)\GoHD\Uninstall.exe, , [24ffb87ab5d62f07ca2f8b2fc33eba46],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\UninstallBrw.exe, , [39ea55dd137885b14949417ad42d9868],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\utils.exe, , [b271fd351e6de056821003b8bd442ad6],
PUP.Optional.Systweak, C:\Windows\System32\roboot64.exe, , [22013ff3e5a63006f5e6d0ef956c03fd],
PUP.Optional.Bundler, c:\users\petr\appdata\local\temp\etilqs_ki3qohfa47huskx, , [1013af837e0d2511346a1547936db050],
PUP.Optional.PreInstaller, c:\users\petr\appdata\local\temp\etilqs_u5xgonasf3ickgc, , [8b98a58db2d9c2744845803ece332cd4],
Trojan.Agent, C:\Windows\Temp\nsa4F29.exe, , [958eae844f3cfd3912c46de720e5c53b],
RiskWare.CRK, C:\Users\Public\Win 8 aktivace\Windows 8 KMS Activator.rar, , [72b138fabbd00a2c5f95b0e347bba35d],
PUP.Optional.Bundler, C:\Users\Petr\AppData\Local\Temp\fsd120A.exe, , [7aa9f73bf99233031f7f302c55ab1ce4],
PUP.Optional.PreInstaller, C:\Users\Petr\AppData\Local\Temp\nsc8E4.tmp, , [f132ff33b6d54cea2568308e04fdad53],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Local\Temp\nsiD6BA.tmp, , [041f6dc5454665d19a2a5733c939eb15],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Local\Temp\nsmE4D6.tmp, , [ae75ff3356354ceaac51e1c11ce9b749],
Trojan.MSIL.Dropper, C:\Users\Petr\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, , [61c2a98909822e0819bf173f27de1fe1],
PUP.Optional.RegCleanerPro, C:\Users\Public\Desktop\RegClean Pro.lnk, , [e43f0a286625f0469f90be829c67b64a],
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\ASP, , [1c070d254942bf77aa88d56bfa09718f],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-6, , [fa29f73b830852e4970bd5ad40c41be5],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-7, , [af742e04d1ba43f3bee4f58d32d2c13f],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-10_user, , [fc273df50f7c2d092e742b5707fd8f71],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-3, , [30f3e74b216a2d095f43661c06fe16ea],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5, , [24ffe052226946f04b57572b4fb5f40c],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5_user, , [e24146ec7c0fe056257dafd3cf35c23e],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-6, , [63c0b2804d3ec076762c651d14f007f9],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-7, , [140ff43e1774c76f3b672161d72d1ae6],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6, , [f72c60d2acdf3ef8fba7bdc5b252be42],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7, , [fe254fe30d7e6fc7cad81969a361ec14],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user, , [2ef5a48e96f563d30c96a4de749045bb],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3, , [7da6f73b3457d95d0b9789f9e22201ff],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5, , [e043ce646427f1456c36671bcc38847c],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user, , [1013ec46335871c54f53bcc65fa5d52b],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6, , [8a9966cc593288aee1c1a5dd13f125db],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7, , [889bca688308c274089a85fddd27a858],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-6.job, , [a67d082a701b93a3396ac8baf212e818],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-7.job, , [b76cd959d9b253e3693a1c661aeacb35],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-10_user.job, , [e63dcc66890255e1dcc7c4bed13343bd],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-3.job, , [9192d65caddebe784e55a2e071935ea2],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5.job, , [9b88cd65bccf082e653e8bf7927233cd],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5_user.job, , [35eeb77ba9e2bc7a653eafd36e969e62],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-6.job, , [b66d1a18602bd75f247f70127193d030],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-7.job, , [32f1b979c9c2ec4ad3d0b3cf9c687090],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6.job, , [958e6cc6731892a44f545a286d972fd1],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7.job, , [c162a58d860594a201a2bcc6e91bc53b],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user.job, , [6db63cf6e0ab1620a102374bcc38a759],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3.job, , [71b2b082f49762d4ccd7265c838139c7],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5.job, , [150e36fce1aa25119e0586fc83810ff1],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user.job, , [7ba89d955c2f39fd2281166c0202827e],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6.job, , [a18267cb90fbdb5bf1b21e642bd90ef2],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7.job, , [a57e6ec43b509d99a7fc98ead62eb34d],
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up\bgNova.html, , [f033ea48f59664d2601019782cd828d8],
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up\c96f7254-a75b-42a5-9d91-3cc2cf8f591b.crx, , [f033ea48f59664d2601019782cd828d8],
PUP.Optional.GlobalUpdate, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [5ac97fb35d2e60d6b3389a0118ecff01],
PUP.Optional.GlobalUpdate, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [f62d7bb739528caad319afec61a39868],
PUP.Optional.GlobalUpdate, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [a1829b97a9e23ef814da564547bd9d63],
PUP.Optional.GlobalUpdate, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [ca59f53d9cef8aac17d88f0cd82cd32d],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\bgNova.html, , [ee35d55d4942300622fa4c50887ca759],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\d675e2b9-0409-4297-a440-cd2c3ceb34f5.crx, , [ee35d55d4942300622fa4c50887ca759],
PUP.Optional.Linkury, C:\Windows\System32\Tasks\snf, , [1f0459d9414aa4920ebf416243c1fe02],
PUP.Optional.Linkury, C:\Windows\System32\Tasks\snp, , [140fd35f78138da9f0de82217b89e41c],
PUP.Optional.Linkury.Gen, C:\Windows\SysWOW64\findit.xml, , [63c0bb7739523ef8aa5c881c27dda65a],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\jnsbAA0.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\hnsg20B1.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\knsq59D.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\rnsm55F.exe, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\Uninstall.exe, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\vnslD5E9.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Chinese_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\FileList.rcp, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Chinese_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\CleanSchedule.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Danish_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Danish_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Dutch_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Dutch_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\eng_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\eng_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Japanese_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Japanese_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\korean_rcp_ko.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\korean_uninst_ko.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\LicMgr.dll, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Norwegian_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Norwegian_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\polish_rcp_pl.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\polish_uninst_pl.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\portugese_rcp_pt.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\portugese_uninst_pt.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Portuguese_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Portuguese_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\RCPUninstall.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Finnish_rcp_fi.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Finnish_uninst_fi.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\French_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\French_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\German_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\German_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\greek_rcp_el.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\greek_uninst_el.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\install_left_image.bmp, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\isxdl.dll, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Italian_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Italian_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\RegCleanPro.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\RegList.rcp, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\russian_rcp_ru.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\russian_uninst_ru.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Spanish_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\spanish_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Swedish_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\swedish_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\systweakasp.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\TPS.ico, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\TraditionalCn_rcp_zh-tw.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\traditionalcn_uninst_zh-tw.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\turkish_rcp_tr.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Turkish_uninst_tr.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\unins000.dat, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\unins000.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\unins000.msg, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\xmllite.dll, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe, , [02215cd6058665d1e813b8eb11f305fb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\WdsManPro.exe, , [2cf7d45e791257df36c489a60af951af],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Roaming\mystartsearch\bnd, , [31f2c072d0bb38fefaf06b972bd820e0],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateHelper.msi, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{3AED5EC3-EB4C-4E2E-9785-4C61F0C1FC4E}\1.3.25.33\update.msi, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{BCFD65EB-318D-4892-B3C4-13554037EEF8}\1.3.25.33\update.msi, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx\product.guid, , [e63d54deef9c5dd9664628dc53b0c838],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Canplus.exe, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Canplus.exe.config, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\conf.config, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Config.xml, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Dingzenstrong.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.d.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Funzap.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Hoting.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\md.xml, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\PrxCfg.xml, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Quotecom.exe, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Quotecom.exe.config, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Ranin.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\S-hold.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\S-hold.bin.bck, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Stantech.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Stantone.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Temp-Stock.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Toughity.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\TransStatlight.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\uninstall.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Zoncof.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags\ff.HP, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags\ff.NT, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags\snp.sc, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Airis.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\conf.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Config.xml, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Domcof.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Domcof.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Domjoytom.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Finhome.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Finhome.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Greentough.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Greentough.bin.bck, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Opeis.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Opeis.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\PrxCfg.xml, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Ran-La.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Silverredkix.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Sonjayeco.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Stat-Ing.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Stat-Ing.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\StringZozlux.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Unafan.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\uninstall.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\VolJaystring.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophases\ff.HP, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.Linkury, C:\ProgramData\Saophases\ff.NT, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.Linkury, C:\ProgramData\Saophases\snp.sc, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.RegCleanerPro, C:\Users\Petr\AppData\Roaming\systweak\regclean pro\dta.ini, , [32f15bd71675f541b2e0c06222e118e8],
PUP.Optional.VOPackage, C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [d251b1818b00181e04e82dfd30d342be],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\updateconf, , [fb288aa86724f93d7afd3bf215ee15eb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\UWdsManProU\updateconf, , [9e85ef43a9e2b383a6d12d001ce7d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\iWdsManProi\updateconf, , [37ece2507a11df5714632ffe8f74d32d],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
PUP.Optional.ExtTag, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ExtTag\Stantech.dll, Dobré: (), Špatné: (C:\ProgramData\ExtTag\Stantech.dll),,[6db6260c216a6cca84d4110320e3fd03]
PUP.Optional.ExtTag, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ExtTag\Temp-Stock.dll, Dobré: (), Špatné: (C:\ProgramData\ExtTag\Temp-Stock.dll),,[6db6260c216a6cca84d4110320e3fd03]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299, Dobré: (Chrome.exe), Špatné: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299),,[9a89c36fd1ba261025df214721e4ce32]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299),,[2af95dd5deade84e172a551362a30df3]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299, Dobré: (Chrome.exe), Špatné: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&t ... JDWT301299),,[28fbf24043480333877d8cdc51b4bd43]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... JDWT301299),,[44df70c28308dc5a62dfc4a4fd088779]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[69ba78baef9c5fd7e6430072b94c926e]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[30f3f04243488babd0531e5434d1e51b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F. ... 6vv2RdNpg,, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F. ... F6vv2RdNpg,),,[48db131f206b74c223014a2834d1be42]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[25fe60d2e5a69c9a55cef2809e67f40c]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[a57e072b94f78caa69baa2d038cd629e]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),,[f33061d184079b9b69bcc7ab7d887c84]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[f42f8ea478136dc986a079f9976e7b85]
Složky: 43
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up, , [f033ea48f59664d2601019782cd828d8],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD, , [ee35d55d4942300622fa4c50887ca759],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Petr\AppData\Roaming\istartsurf, , [42e135fdd9b2be787682bc42c33fa25e],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Roaming\mystartsearch, , [31f2c072d0bb38fefaf06b972bd820e0],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{3AED5EC3-EB4C-4E2E-9785-4C61F0C1FC4E}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{3AED5EC3-EB4C-4E2E-9785-4C61F0C1FC4E}\1.3.25.33, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{BCFD65EB-318D-4892-B3C4-13554037EEF8}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{BCFD65EB-318D-4892-B3C4-13554037EEF8}\1.3.25.33, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Install, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Offline, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Offline\{C4C388A3-2A1B-4DDA-8E5F-88A7AFAFAB88}, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\installer, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\language, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\logs, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\scan_results, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Roaming\AnyProtectEx\swf, , [f72c7db591fab680a5069a6af1123ec2],
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx, , [e63d54deef9c5dd9664628dc53b0c838],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ondemand, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\temp, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.Linkury, C:\ProgramData\Saophase, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\ondemand, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\temp, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophases, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.RegCleanerPro, C:\Users\Petr\AppData\Roaming\systweak\regclean pro, , [32f15bd71675f541b2e0c06222e118e8],
PUP.Optional.VOPackage, C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [d251b1818b00181e04e82dfd30d342be],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2, , [fb288aa86724f93d7afd3bf215ee15eb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\update, , [fb288aa86724f93d7afd3bf215ee15eb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\4WdsManPro4, , [bb68d35ffa91cc6a275033fa17ecfe02],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\9WdsManPro9, , [65bebc76a0eb38fedc9bff2e2bd88c74],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\QWdsManProQ, , [32f19b978b00aa8ca9ceca6347bc6b95],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\UWdsManProU, , [9e85ef43a9e2b383a6d12d001ce7d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\UWdsManProU\update, , [9e85ef43a9e2b383a6d12d001ce7d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\iWdsManProi, , [37ece2507a11df5714632ffe8f74d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\iWdsManProi\update, , [37ece2507a11df5714632ffe8f74d32d],
Soubory: 236
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-10.exe, , [d15261d18902da5c87c6d8e7ef12aa56],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10.exe, , [c55edd55c7c45ed81e742d8ed1300ef2],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-1-6.exe, , [ca59c270810a81b5e16cdee1a25ff709],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6.exe, , [66bd43ef3e4d8fa79ff31c9f56abd729],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6.exe, , [51d2c36f13788ea82c66b50614ed17e9],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-6.exe, , [64bf87ab365533032429b80737caae52],
PUP.Optional.Amonetize, C:\Program Files\NixSrv\packages\a699dc14-a780-44f5-b686-00f264e41543\NixHost.exe, , [e73ce34f107b6cca49d1dbd416eb6b95],
PUP.Optional.Nova, C:\Program Files (x86)\Shop and Save Up\c96f7254-a75b-42a5-9d91-3cc2cf8f591b.dll, , [6eb581b1adde40f624dd9b232dd447b9],
PUP.Optional.Nova, C:\Program Files (x86)\GoHD\d675e2b9-0409-4297-a440-cd2c3ceb34f5.dll, , [3ce729093b50ba7cb8493e8048b902fe],
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, , [8a994ee44744ba7cf5f51c9824ddbe42],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe, , [f52eff332863b680ca356610cc359868],
PUP.Optional.WProtectManager, C:\ProgramData\9WdsManPro9\WdsManPro.exe, , [e83ba58dd1ba55e1200701a8cf36b54b],
PUP.Optional.WProtectManager, C:\ProgramData\iWdsManProi\WdsManPro.exe, , [c3601a182e5d0c2ace5927827e87f907],
PUP.Optional.WProtectManager, C:\ProgramData\QWdsManProQ\WdsManPro.exe, , [f82bc969701ba88e2304ecbd10f524dc],
PUP.Optional.WProtectManager, C:\ProgramData\UWdsManProU\WdsManPro.exe, , [ba690f237a1189ade1469d0c9b6a0cf4],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe, , [f0333ef42f5ce84e5a25ac0e867b42be],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe, , [c45fff33d5b641f5fe81b4068e73e61a],
PUP.Optional.CrossRider, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\5a733d5e-2e55-47ff-9935-b8f193fb87c0.dll, , [ec37d75b404b54e205a55165c43dcc34],
PUP.Optional.Nova, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\6f96fffe-2e83-451f-b16b-bf0973ac8a86.dll, , [36ed31016526fe38f50c3a84fb06da26],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\1f0612da-adbb-49ac-be02-f64b100d5099.dll, , [46dd11218dfedd5946bbc9f5936e48b8],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\31454a64-4584-414e-aa57-81b4b2ed0940.dll, , [c95ab28053388da9cedc199d847df40c],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\8579675e-0d83-428a-b94c-de013a909c63.dll, , [ea390d25385396a06a40bff77d84dd23],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\ddab2ea5-ea5b-4de7-8181-5de9a3961545.dll, , [42e1a88aaeddad890df4299523de55ab],
PUP.Optional.CrossRider, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\044ac850-89dc-4e0f-ae71-926999ab476c.dll, , [c162fe348a012610e0cab40211f05ea2],
PUP.Optional.Nova, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\8f07da27-cad3-4b7d-8612-48c7c123053a.dll, , [2cf751e1b2d9ad89b74a2d91fc0547b9],
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up\37d865c2-6010-4668-8c4f-1e45ede0af48.dll, , [25fe2b07bdcedc5a3e6c9d19738eab55],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-1-7.exe, , [36edd35fb9d2ea4c3c114679b34e30d0],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-3.exe, , [f3303df5e5a686b0ed60754a0ff25ea2],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-5.exe, , [42e15bd7187356e071dca41bcd344ab6],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-64.exe, , [70b30d25612a0c2af954dbe4aa57926e],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\a22065ff-036a-4dd1-ae58-e19143869784-7.exe, , [55ce221035565fd7014c3887a35eaf51],
PUP.Optional.InstallCore, C:\Program Files (x86)\Shop and Save Up\Uninstall.exe, , [82a141f1bbd07db9e957e5c390759a66],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\UninstallBrw.exe, , [69bac56de1aaac8a371667584bb66997],
PUP.Optional.ShopAndSave, C:\Program Files (x86)\Shop and Save Up\utils.exe, , [2003fa38d4b7f046ea633986b8493dc3],
PUP.Optional.CrossRider, C:\Program Files (x86)\GoHD\0a5d9d92-4438-4f19-8e1c-bb966a0f9088.dll, , [3fe460d2335889adfdad2e882dd48977],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7.exe, , [2ff464cef6958fa7d7bb94270bf635cb],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3.exe, , [869d6fc31a71f0465e341c9fe51c05fb],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5.exe, , [1e05320069228aac5939a11abc45a35d],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-64.exe, , [7da67fb397f406306a284f6c39c8a759],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7.exe, , [1a09f2400c7f2e08d7bb2a9150b1f60a],
PUP.Optional.Downloader, C:\Program Files (x86)\GoHD\Uninstall.exe, , [24ffb87ab5d62f07ca2f8b2fc33eba46],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\UninstallBrw.exe, , [39ea55dd137885b14949417ad42d9868],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\utils.exe, , [b271fd351e6de056821003b8bd442ad6],
PUP.Optional.Systweak, C:\Windows\System32\roboot64.exe, , [22013ff3e5a63006f5e6d0ef956c03fd],
PUP.Optional.Bundler, c:\users\petr\appdata\local\temp\etilqs_ki3qohfa47huskx, , [1013af837e0d2511346a1547936db050],
PUP.Optional.PreInstaller, c:\users\petr\appdata\local\temp\etilqs_u5xgonasf3ickgc, , [8b98a58db2d9c2744845803ece332cd4],
Trojan.Agent, C:\Windows\Temp\nsa4F29.exe, , [958eae844f3cfd3912c46de720e5c53b],
RiskWare.CRK, C:\Users\Public\Win 8 aktivace\Windows 8 KMS Activator.rar, , [72b138fabbd00a2c5f95b0e347bba35d],
PUP.Optional.Bundler, C:\Users\Petr\AppData\Local\Temp\fsd120A.exe, , [7aa9f73bf99233031f7f302c55ab1ce4],
PUP.Optional.PreInstaller, C:\Users\Petr\AppData\Local\Temp\nsc8E4.tmp, , [f132ff33b6d54cea2568308e04fdad53],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Local\Temp\nsiD6BA.tmp, , [041f6dc5454665d19a2a5733c939eb15],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Local\Temp\nsmE4D6.tmp, , [ae75ff3356354ceaac51e1c11ce9b749],
Trojan.MSIL.Dropper, C:\Users\Petr\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, , [61c2a98909822e0819bf173f27de1fe1],
PUP.Optional.RegCleanerPro, C:\Users\Public\Desktop\RegClean Pro.lnk, , [e43f0a286625f0469f90be829c67b64a],
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\ASP, , [1c070d254942bf77aa88d56bfa09718f],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-6, , [fa29f73b830852e4970bd5ad40c41be5],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-7, , [af742e04d1ba43f3bee4f58d32d2c13f],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-10_user, , [fc273df50f7c2d092e742b5707fd8f71],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-3, , [30f3e74b216a2d095f43661c06fe16ea],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5, , [24ffe052226946f04b57572b4fb5f40c],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5_user, , [e24146ec7c0fe056257dafd3cf35c23e],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-6, , [63c0b2804d3ec076762c651d14f007f9],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-7, , [140ff43e1774c76f3b672161d72d1ae6],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6, , [f72c60d2acdf3ef8fba7bdc5b252be42],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7, , [fe254fe30d7e6fc7cad81969a361ec14],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user, , [2ef5a48e96f563d30c96a4de749045bb],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3, , [7da6f73b3457d95d0b9789f9e22201ff],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5, , [e043ce646427f1456c36671bcc38847c],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user, , [1013ec46335871c54f53bcc65fa5d52b],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6, , [8a9966cc593288aee1c1a5dd13f125db],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7, , [889bca688308c274089a85fddd27a858],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-6.job, , [a67d082a701b93a3396ac8baf212e818],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-1-7.job, , [b76cd959d9b253e3693a1c661aeacb35],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-10_user.job, , [e63dcc66890255e1dcc7c4bed13343bd],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-3.job, , [9192d65caddebe784e55a2e071935ea2],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5.job, , [9b88cd65bccf082e653e8bf7927233cd],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-5_user.job, , [35eeb77ba9e2bc7a653eafd36e969e62],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-6.job, , [b66d1a18602bd75f247f70127193d030],
PUP.Optional.CrossRider, C:\Windows\Tasks\a22065ff-036a-4dd1-ae58-e19143869784-7.job, , [32f1b979c9c2ec4ad3d0b3cf9c687090],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6.job, , [958e6cc6731892a44f545a286d972fd1],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7.job, , [c162a58d860594a201a2bcc6e91bc53b],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user.job, , [6db63cf6e0ab1620a102374bcc38a759],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-3.job, , [71b2b082f49762d4ccd7265c838139c7],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5.job, , [150e36fce1aa25119e0586fc83810ff1],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user.job, , [7ba89d955c2f39fd2281166c0202827e],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-6.job, , [a18267cb90fbdb5bf1b21e642bd90ef2],
PUP.Optional.CrossRider, C:\Windows\Tasks\cf1c31a8-6e44-4f44-9884-00b7deb9645f-7.job, , [a57e6ec43b509d99a7fc98ead62eb34d],
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up\bgNova.html, , [f033ea48f59664d2601019782cd828d8],
PUP.Optional.CrossRider, C:\Program Files (x86)\Shop and Save Up\c96f7254-a75b-42a5-9d91-3cc2cf8f591b.crx, , [f033ea48f59664d2601019782cd828d8],
PUP.Optional.GlobalUpdate, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [5ac97fb35d2e60d6b3389a0118ecff01],
PUP.Optional.GlobalUpdate, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [f62d7bb739528caad319afec61a39868],
PUP.Optional.GlobalUpdate, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [a1829b97a9e23ef814da564547bd9d63],
PUP.Optional.GlobalUpdate, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [ca59f53d9cef8aac17d88f0cd82cd32d],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\bgNova.html, , [ee35d55d4942300622fa4c50887ca759],
PUP.Optional.GoHD, C:\Program Files (x86)\GoHD\d675e2b9-0409-4297-a440-cd2c3ceb34f5.crx, , [ee35d55d4942300622fa4c50887ca759],
PUP.Optional.Linkury, C:\Windows\System32\Tasks\snf, , [1f0459d9414aa4920ebf416243c1fe02],
PUP.Optional.Linkury, C:\Windows\System32\Tasks\snp, , [140fd35f78138da9f0de82217b89e41c],
PUP.Optional.Linkury.Gen, C:\Windows\SysWOW64\findit.xml, , [63c0bb7739523ef8aa5c881c27dda65a],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\jnsbAA0.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\hnsg20B1.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\knsq59D.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\rnsm55F.exe, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\Uninstall.exe, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.MultiPlug, C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF\vnslD5E9.tmp, , [e241072bbecdf73f319fb9f138ccbc44],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Chinese_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\FileList.rcp, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Chinese_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\CleanSchedule.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Danish_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Danish_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Dutch_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Dutch_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\eng_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\eng_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Japanese_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Japanese_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\korean_rcp_ko.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\korean_uninst_ko.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\LicMgr.dll, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Norwegian_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Norwegian_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\polish_rcp_pl.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\polish_uninst_pl.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\portugese_rcp_pt.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\portugese_uninst_pt.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Portuguese_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Portuguese_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\RCPUninstall.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Finnish_rcp_fi.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Finnish_uninst_fi.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\French_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\French_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\German_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\German_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\greek_rcp_el.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\greek_uninst_el.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\install_left_image.bmp, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\isxdl.dll, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Italian_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Italian_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\RegCleanPro.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\RegList.rcp, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\russian_rcp_ru.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\russian_uninst_ru.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Spanish_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\spanish_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Swedish_rcp.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\swedish_uninst.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\systweakasp.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\TPS.ico, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\TraditionalCn_rcp_zh-tw.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\traditionalcn_uninst_zh-tw.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\turkish_rcp_tr.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\Turkish_uninst_tr.ini, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\unins000.dat, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\unins000.exe, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\unins000.msg, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\Program Files (x86)\RCP\xmllite.dll, , [cd56a9894e3d32046a1a466d01030af6],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.RegCleanPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk, , [a87b69c94d3e45f12660ffb412f2ea16],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe, , [02215cd6058665d1e813b8eb11f305fb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\WdsManPro.exe, , [2cf7d45e791257df36c489a60af951af],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Roaming\mystartsearch\bnd, , [31f2c072d0bb38fefaf06b972bd820e0],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateHelper.msi, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{3AED5EC3-EB4C-4E2E-9785-4C61F0C1FC4E}\1.3.25.33\update.msi, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download\{BCFD65EB-318D-4892-B3C4-13554037EEF8}\1.3.25.33\update.msi, , [60c369c9701b2a0c088c9f64fe0529d7],
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx\product.guid, , [e63d54deef9c5dd9664628dc53b0c838],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Canplus.exe, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Canplus.exe.config, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\conf.config, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Config.xml, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Dingzenstrong.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.d.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Funzap.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Hoting.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\md.xml, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\PrxCfg.xml, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Quotecom.exe, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Quotecom.exe.config, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Ranin.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\S-hold.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\S-hold.bin.bck, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Stantech.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Stantone.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Temp-Stock.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Toughity.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\TransStatlight.dll, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\uninstall.dat, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Zoncof.bin, , [6db6260c216a6cca84d4110320e3fd03],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags\ff.HP, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags\ff.NT, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.ExtTag, C:\ProgramData\ExtTags\snp.sc, , [c06378ba8dfe4bebf06941d3e122b14f],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Airis.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\conf.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Config.xml, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Domcof.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Domcof.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Domjoytom.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Finhome.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Finhome.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Greentough.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Greentough.bin.bck, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Opeis.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Opeis.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\PrxCfg.xml, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Ran-La.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Silverredkix.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Sonjayeco.dll, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Stat-Ing.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Stat-Ing.exe.config, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\StringZozlux.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\Unafan.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\uninstall.exe, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophase\VolJaystring.bin, , [29faee446625ec4a241fb26830d39070],
PUP.Optional.Linkury, C:\ProgramData\Saophases\ff.HP, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.Linkury, C:\ProgramData\Saophases\ff.NT, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.Linkury, C:\ProgramData\Saophases\snp.sc, , [6cb7062c1a71eb4b7dc71a00c63dae52],
PUP.Optional.RegCleanerPro, C:\Users\Petr\AppData\Roaming\systweak\regclean pro\dta.ini, , [32f15bd71675f541b2e0c06222e118e8],
PUP.Optional.VOPackage, C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [d251b1818b00181e04e82dfd30d342be],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\updateconf, , [fb288aa86724f93d7afd3bf215ee15eb],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\UWdsManProU\updateconf, , [9e85ef43a9e2b383a6d12d001ce7d32d],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\iWdsManProi\updateconf, , [37ece2507a11df5714632ffe8f74d32d],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
Super, je tam toho požehnaně, tak to vymeteme ne? 
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
po restartu se mi otevřel log C1 ne S?
# AdwCleaner v5.008 - Logfile created 20/09/2015 at 22:52:21
# Updated 18/09/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 8 Pro (x64)
# Username : Petr - SIMLORDON
# Running from : C:\Users\Petr\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[-] Service Deleted : sp_rsdrv2
[-] Service Deleted : ExtTag
[-] Service Deleted : NixSrv
[-] Service Deleted : WdsManPro
[-] Service Deleted : gyvixodu
[-] Service Deleted : lehicewu
[-] Service Deleted : lylegity
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\NixSrv
[-] Folder Deleted : C:\Program Files (x86)\AnyProtectEx
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\RCP
[-] Folder Deleted : C:\Program Files (x86)\GoHD
[-] Folder Deleted : C:\Program Files (x86)\Shop and Save Up
[-] Folder Deleted : C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF
[!] Folder Not Deleted : C:\Program Files (x86)\GoHD
[!] Folder Not Deleted : C:\Program Files (x86)\Shop and Save Up
[-] Folder Deleted : C:\ProgramData\ExtTags
[-] Folder Deleted : C:\ProgramData\ExtTag
[-] Folder Deleted : C:\ProgramData\saophase
[-] Folder Deleted : C:\ProgramData\Saophases
[-] Folder Deleted : C:\ProgramData\2WdsManPro2
[-] Folder Deleted : C:\ProgramData\4WdsManPro4
[-] Folder Deleted : C:\ProgramData\9WdsManPro9
[-] Folder Deleted : C:\ProgramData\iWdsManProi
[-] Folder Deleted : C:\ProgramData\QWdsManProQ
[-] Folder Deleted : C:\ProgramData\UWdsManProU
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\Users\Petr\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Petr\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
***** [ Files ] *****
[-] File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : ASP
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : snp
[-] Task Deleted : snf
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-7
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-10_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-3
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-7
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-10_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-3
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\c96f7254-a75b-42a5-9d91-3cc2cf8f591b
[-] Key Deleted : HKLM\SOFTWARE\d675e2b9-0409-4297-a440-cd2c3ceb34f5
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Shop and Save Up
[-] Key Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKCU\Software\OB
[!] Key Not Deleted : HKCU\Software\GoHD
[!] Key Not Deleted : HKCU\Software\Shop and Save Up
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\downchecker
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[!] Key Not Deleted : HKLM\SOFTWARE\GoHD
[!] Key Not Deleted : HKLM\SOFTWARE\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
[!] Key Not Deleted : [x64] HKCU\Software\AnyProtect
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\GoHD
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\Shop and Save Up
[!] Key Not Deleted : [x64] HKCU\Software\MyBrowser
[!] Key Not Deleted : [x64] HKCU\Software\OB
[!] Key Not Deleted : [x64] HKCU\Software\GoHD
[!] Key Not Deleted : [x64] HKCU\Software\Shop and Save Up
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
***** [ Web browsers ] *****
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15792 bytes] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 9. 2015
Čas skenování: 22:59
Protokol: MbAM log.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.20.04
Databáze rootkitů: v2015.09.18.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Petr
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 396614
Uplynulý čas: 33 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 1
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, 3628, Smazat při restartu, [2202181a6427e55198573282e81927d9]
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 19
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dowtloddyr, Do karantény, [2202181a6427e55198573282e81927d9],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, Do karantény, [f82cac86583390a66ca6b220ad578d73],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv, Do karantény, [d74d73bf5932a98da8929efea65ea35d],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv-ie, Do karantény, [8c98c969b0dbd6600733514bcc384fb1],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv, Do karantény, [ab790e249bf01c1ae9fcf6c20df7c13f],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, Do karantény, [ab79f53d5734f83eb72e16a2ec18768a],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, Do karantény, [49db171b04873204db37c9090103d22e],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, Do karantény, [bf6578ba7b10fe384abfe9bba262df21],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv, Do karantény, [e53fbe7499f2cf67d16439631ee65aa6],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv-ie, Do karantény, [4fd5b37f98f384b20233c8d4c0449f61],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv, Do karantény, [9b89bb778a010e2815ceb107ec18e818],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv-ie, Do karantény, [78ac2f03b0dba88e9f445761f212d52b],
PUP.Optional.Cinema, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaP-1.9cV19.09-nv-ie, Do karantény, [29fbe74b771458de7012e0abad576997],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaPlus-3.2cV19.09-nv-ie, Do karantény, [051fca68642784b2c1443c50729231cf],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv, Do karantény, [db4955dd315a9c9acb6a9dffbf4539c7],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv-ie, Do karantény, [d05481b10586e2544ce9fca043c1f40c],
PUP.Optional.SavePass, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SavePass 1.1-nv-ie, Do karantény, [9d875fd32269b185e77e9322778d3bc5],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv, Do karantény, [3aeab47e28630d298c57784024e0d828],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv-ie, Do karantény, [47dd5ad8afdc6acccd16c8f0a75d827e],
Hodnoty registru: 5
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Do karantény, [c262b97958339b9bf6f1ff7d8e76728e]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, Do karantény, [bf6578ba7b10fe384abfe9bba262df21]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, Do karantény, [e34150e24f3c5ed86180554e92727987]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F. ... llDate=19., Do karantény, [ba6a66cc8cffd56169796d36000430d0]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Do karantény, [67bd41f17b10a195a44073090ff5b848]
Data registru: 6
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),Nahrazeno,[b2723df56d1efa3c033d5d1545c044bc]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[a282072bdfac91a52f0b5919986dec14]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F. ... 6vv2RdNpg,, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F. ... F6vv2RdNpg,),Nahrazeno,[e143a58d7a1185b1ab903141cd380ff1]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[28fc43efec9f989e46f429498c799f61]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[be6656dc315ac86e62d8363c3dc85ba5]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[a381250d3b50ef47b785165c2bda24dc]
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 21
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, Smazat při restartu, [2202181a6427e55198573282e81927d9],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe, Do karantény, [69bb072b3f4cc5713e46dedc3ac7f010],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe, Do karantény, [77ad90a2fe8d77bff490dedce021d42c],
PUP.Optional.CrossRider, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\5a733d5e-2e55-47ff-9935-b8f193fb87c0.dll, Do karantény, [ea3a3ef4dcaf38fed6d9991d8c75ae52],
PUP.Optional.Nova, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\6f96fffe-2e83-451f-b16b-bf0973ac8a86.dll, Do karantény, [1212969c4a41ab8bf610c2fce81911ef],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\1f0612da-adbb-49ac-be02-f64b100d5099.dll, Do karantény, [b76deb47d8b370c611f52c92e31e6c94],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\31454a64-4584-414e-aa57-81b4b2ed0940.dll, Do karantény, [2cf8f939800b280e6946991d7e83c739],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\8579675e-0d83-428a-b94c-de013a909c63.dll, Do karantény, [879d21115536bb7b159a1d9955accb35],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\ddab2ea5-ea5b-4de7-8181-5de9a3961545.dll, Do karantény, [b66ec2708803003662a4d5e9956cf40c],
PUP.Optional.CrossRider, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\044ac850-89dc-4e0f-ae71-926999ab476c.dll, Do karantény, [ab79f73b5437c3735c53bef854ad7b85],
PUP.Optional.Nova, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\8f07da27-cad3-4b7d-8612-48c7c123053a.dll, Do karantény, [a67e33ffe3a86dc93bcb3d81a8593bc5],
PUP.Optional.Bundler, C:\Users\Petr\AppData\Local\Temp\fsd120A.exe, Do karantény, [180cf43e18739d99118d98c4d32df10f],
PUP.Optional.PreInstaller, C:\Users\Petr\AppData\Local\Temp\nsc8E4.tmp, Do karantény, [75af3af8b1da51e5731ff4cac1404ab6],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Local\Temp\nsiD6BA.tmp, Do karantény, [bb69a58d9fec181e0ec2acde1de5a759],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Local\Temp\nsmE4D6.tmp, Do karantény, [77ad7fb3860540f618fc535055b0837d],
PUP.Optional.WProtectManager, C:\Users\Petr\AppData\Local\Temp\20150920221118\I\tmp\wpm_v20.0.0.2301.exe, Do karantény, [73b1f240781330061f1f9118d33226da],
Trojan.MSIL.Dropper, C:\Users\Petr\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, Do karantény, [ec38f33f7b10a591e9ff1d39dd28b749],
Trojan.Agent, C:\Windows\Temp\nsa4F29.exe, Do karantény, [c361cf6348436acc8f57e96b0df8837d],
PUP.Optional.Linkury, C:\Windows\Temp\tmp63D2.tmp, Do karantény, [65bf2b07a2e98caac54f10a4857c04fc],
RiskWare.CRK, C:\Users\Public\Win 8 aktivace\Windows 8 KMS Activator.rar, Do karantény, [ab792e041378bd79fb05b5df34ceb050],
PUP.Optional.Linkury.Gen, C:\Windows\SysWOW64\findit.xml, Do karantény, [889ca191c6c5d264a37103a17a8ac937],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
# AdwCleaner v5.008 - Logfile created 20/09/2015 at 22:52:21
# Updated 18/09/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 8 Pro (x64)
# Username : Petr - SIMLORDON
# Running from : C:\Users\Petr\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[-] Service Deleted : sp_rsdrv2
[-] Service Deleted : ExtTag
[-] Service Deleted : NixSrv
[-] Service Deleted : WdsManPro
[-] Service Deleted : gyvixodu
[-] Service Deleted : lehicewu
[-] Service Deleted : lylegity
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\NixSrv
[-] Folder Deleted : C:\Program Files (x86)\AnyProtectEx
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\RCP
[-] Folder Deleted : C:\Program Files (x86)\GoHD
[-] Folder Deleted : C:\Program Files (x86)\Shop and Save Up
[-] Folder Deleted : C:\Program Files (x86)\34323030-1442694071-3041-3237-3344FFFFFFFF
[!] Folder Not Deleted : C:\Program Files (x86)\GoHD
[!] Folder Not Deleted : C:\Program Files (x86)\Shop and Save Up
[-] Folder Deleted : C:\ProgramData\ExtTags
[-] Folder Deleted : C:\ProgramData\ExtTag
[-] Folder Deleted : C:\ProgramData\saophase
[-] Folder Deleted : C:\ProgramData\Saophases
[-] Folder Deleted : C:\ProgramData\2WdsManPro2
[-] Folder Deleted : C:\ProgramData\4WdsManPro4
[-] Folder Deleted : C:\ProgramData\9WdsManPro9
[-] Folder Deleted : C:\ProgramData\iWdsManProi
[-] Folder Deleted : C:\ProgramData\QWdsManProQ
[-] Folder Deleted : C:\ProgramData\UWdsManProU
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\Users\Petr\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Petr\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
***** [ Files ] *****
[-] File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : ASP
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : snp
[-] Task Deleted : snf
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-7
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-10_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-3
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-1-7
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-10_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-3
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-5_user
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-6
[-] Task Deleted : a22065ff-036a-4dd1-ae58-e19143869784-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-1-7
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-10_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-3
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-5_user
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-6
[-] Task Deleted : cf1c31a8-6e44-4f44-9884-00b7deb9645f-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\c96f7254-a75b-42a5-9d91-3cc2cf8f591b
[-] Key Deleted : HKLM\SOFTWARE\d675e2b9-0409-4297-a440-cd2c3ceb34f5
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Shop and Save Up
[-] Key Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKCU\Software\OB
[!] Key Not Deleted : HKCU\Software\GoHD
[!] Key Not Deleted : HKCU\Software\Shop and Save Up
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\downchecker
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[!] Key Not Deleted : HKLM\SOFTWARE\GoHD
[!] Key Not Deleted : HKLM\SOFTWARE\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
[!] Key Not Deleted : [x64] HKCU\Software\AnyProtect
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\GoHD
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\Shop and Save Up
[!] Key Not Deleted : [x64] HKCU\Software\MyBrowser
[!] Key Not Deleted : [x64] HKCU\Software\OB
[!] Key Not Deleted : [x64] HKCU\Software\GoHD
[!] Key Not Deleted : [x64] HKCU\Software\Shop and Save Up
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
***** [ Web browsers ] *****
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15792 bytes] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 9. 2015
Čas skenování: 22:59
Protokol: MbAM log.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.20.04
Databáze rootkitů: v2015.09.18.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Petr
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 396614
Uplynulý čas: 33 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 1
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, 3628, Smazat při restartu, [2202181a6427e55198573282e81927d9]
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 19
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dowtloddyr, Do karantény, [2202181a6427e55198573282e81927d9],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, Do karantény, [f82cac86583390a66ca6b220ad578d73],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv, Do karantény, [d74d73bf5932a98da8929efea65ea35d],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv-ie, Do karantény, [8c98c969b0dbd6600733514bcc384fb1],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv, Do karantény, [ab790e249bf01c1ae9fcf6c20df7c13f],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, Do karantény, [ab79f53d5734f83eb72e16a2ec18768a],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, Do karantény, [49db171b04873204db37c9090103d22e],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, Do karantény, [bf6578ba7b10fe384abfe9bba262df21],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv, Do karantény, [e53fbe7499f2cf67d16439631ee65aa6],
PUP.Optional.GoHD, HKU\S-1-5-18\SOFTWARE\GoHD-nv-ie, Do karantény, [4fd5b37f98f384b20233c8d4c0449f61],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv, Do karantény, [9b89bb778a010e2815ceb107ec18e818],
PUP.Optional.ShopAndSave, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv-ie, Do karantény, [78ac2f03b0dba88e9f445761f212d52b],
PUP.Optional.Cinema, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaP-1.9cV19.09-nv-ie, Do karantény, [29fbe74b771458de7012e0abad576997],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\CinemaPlus-3.2cV19.09-nv-ie, Do karantény, [051fca68642784b2c1443c50729231cf],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv, Do karantény, [db4955dd315a9c9acb6a9dffbf4539c7],
PUP.Optional.GoHD, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\GoHD-nv-ie, Do karantény, [d05481b10586e2544ce9fca043c1f40c],
PUP.Optional.SavePass, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\SavePass 1.1-nv-ie, Do karantény, [9d875fd32269b185e77e9322778d3bc5],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv, Do karantény, [3aeab47e28630d298c57784024e0d828],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\Shop and Save Up-nv-ie, Do karantény, [47dd5ad8afdc6acccd16c8f0a75d827e],
Hodnoty registru: 5
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Do karantény, [c262b97958339b9bf6f1ff7d8e76728e]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, Do karantény, [bf6578ba7b10fe384abfe9bba262df21]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, Do karantény, [e34150e24f3c5ed86180554e92727987]
PUP.Optional.Linkury, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F. ... llDate=19., Do karantény, [ba6a66cc8cffd56169796d36000430d0]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Do karantény, [67bd41f17b10a195a44073090ff5b848]
Data registru: 6
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),Nahrazeno,[b2723df56d1efa3c033d5d1545c044bc]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[a282072bdfac91a52f0b5919986dec14]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F. ... 6vv2RdNpg,, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F. ... F6vv2RdNpg,),Nahrazeno,[e143a58d7a1185b1ab903141cd380ff1]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[28fc43efec9f989e46f429498c799f61]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[be6656dc315ac86e62d8363c3dc85ba5]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4087970696-2359579625-4084102647-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Q1tEk4,&q={searchTerms}),Nahrazeno,[a381250d3b50ef47b785165c2bda24dc]
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 21
Trojan.Agent.MSIL, C:\Users\Petr\AppData\Local\donelectronics.exe, Smazat při restartu, [2202181a6427e55198573282e81927d9],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe, Do karantény, [69bb072b3f4cc5713e46dedc3ac7f010],
PUP.Optional.CrossRider, C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe, Do karantény, [77ad90a2fe8d77bff490dedce021d42c],
PUP.Optional.CrossRider, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\5a733d5e-2e55-47ff-9935-b8f193fb87c0.dll, Do karantény, [ea3a3ef4dcaf38fed6d9991d8c75ae52],
PUP.Optional.Nova, C:\Program Files (x86)\044ac850-89dc-4e0f-ae71-926999ab476c\6f96fffe-2e83-451f-b16b-bf0973ac8a86.dll, Do karantény, [1212969c4a41ab8bf610c2fce81911ef],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\1f0612da-adbb-49ac-be02-f64b100d5099.dll, Do karantény, [b76deb47d8b370c611f52c92e31e6c94],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\31454a64-4584-414e-aa57-81b4b2ed0940.dll, Do karantény, [2cf8f939800b280e6946991d7e83c739],
PUP.Optional.CrossRider, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\8579675e-0d83-428a-b94c-de013a909c63.dll, Do karantény, [879d21115536bb7b159a1d9955accb35],
PUP.Optional.Nova, C:\Program Files (x86)\31454a64-4584-414e-aa57-81b4b2ed0940\ddab2ea5-ea5b-4de7-8181-5de9a3961545.dll, Do karantény, [b66ec2708803003662a4d5e9956cf40c],
PUP.Optional.CrossRider, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\044ac850-89dc-4e0f-ae71-926999ab476c.dll, Do karantény, [ab79f73b5437c3735c53bef854ad7b85],
PUP.Optional.Nova, C:\Program Files (x86)\697ee8b4-26f2-4620-9d17-d4b89952b2ca\8f07da27-cad3-4b7d-8612-48c7c123053a.dll, Do karantény, [a67e33ffe3a86dc93bcb3d81a8593bc5],
PUP.Optional.Bundler, C:\Users\Petr\AppData\Local\Temp\fsd120A.exe, Do karantény, [180cf43e18739d99118d98c4d32df10f],
PUP.Optional.PreInstaller, C:\Users\Petr\AppData\Local\Temp\nsc8E4.tmp, Do karantény, [75af3af8b1da51e5731ff4cac1404ab6],
PUP.Optional.AnyProtect, C:\Users\Petr\AppData\Local\Temp\nsiD6BA.tmp, Do karantény, [bb69a58d9fec181e0ec2acde1de5a759],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Petr\AppData\Local\Temp\nsmE4D6.tmp, Do karantény, [77ad7fb3860540f618fc535055b0837d],
PUP.Optional.WProtectManager, C:\Users\Petr\AppData\Local\Temp\20150920221118\I\tmp\wpm_v20.0.0.2301.exe, Do karantény, [73b1f240781330061f1f9118d33226da],
Trojan.MSIL.Dropper, C:\Users\Petr\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, Do karantény, [ec38f33f7b10a591e9ff1d39dd28b749],
Trojan.Agent, C:\Windows\Temp\nsa4F29.exe, Do karantény, [c361cf6348436acc8f57e96b0df8837d],
PUP.Optional.Linkury, C:\Windows\Temp\tmp63D2.tmp, Do karantény, [65bf2b07a2e98caac54f10a4857c04fc],
RiskWare.CRK, C:\Users\Public\Win 8 aktivace\Windows 8 KMS Activator.rar, Do karantény, [ab792e041378bd79fb05b5df34ceb050],
PUP.Optional.Linkury.Gen, C:\Windows\SysWOW64\findit.xml, Do karantény, [889ca191c6c5d264a37103a17a8ac937],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
ted jsem spustil Junkware Removal Tool by Thisisu
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 8 Pro x64
Ran by Petr on ne 20. 09. 2015 at 23:38:51,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully deleted: [Service] sp_rsdrv2 [Reboot required]
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}
~~~ Files
Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Successfully deleted: [File] C:\Users\Petr\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Petr\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\nixsrv
Successfully deleted: [Folder] C:\ProgramData\alawarwrapper
Successfully deleted: [Folder] C:\Users\Petr\AppData\Roaming\alawarentertainment
~~~ Chrome
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20. 09. 2015 at 23:42:29,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 8 Pro x64
Ran by Petr on ne 20. 09. 2015 at 23:38:51,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully deleted: [Service] sp_rsdrv2 [Reboot required]
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}
~~~ Files
Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Successfully deleted: [File] C:\Users\Petr\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Petr\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\nixsrv
Successfully deleted: [Folder] C:\ProgramData\alawarwrapper
Successfully deleted: [Folder] C:\Users\Petr\AppData\Roaming\alawarentertainment
~~~ Chrome
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Petr\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20. 09. 2015 at 23:42:29,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: neustále mi nabíhají instalace nějakých programů, PROSÍM o kontrolu logu
RogueKiller V10.10.5.0 (x64) [Sep 14 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8 (6.2.9200) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\Petr\Downloads\RogueKillerX64.exe
Mód : Prohledat -- Datum : 09/21/2015 00:11:48
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 7 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wdii (System32\drivers\nrpnpjic.sys) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{07D27F10-D303-4F87-9CD1-40A8846AB018} | DhcpNameServer : 172.20.10.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6F5574DD-3951-4458-BCBC-A95D4C7AA2E2} | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{07D27F10-D303-4F87-9CD1-40A8846AB018} | DhcpNameServer : 172.20.10.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6F5574DD-3951-4458-BCBC-A95D4C7AA2E2} | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
¤¤¤ Úlohy : 5 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\9sIUttZbtc48zSoNayUowFhYY.job -- C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe (--c=jcBPO5W4RaLeC+MzXO3BXS/R6sRORpXpVOK89q0T5SEe+MZN2cO70tkH/JT+u166YwnDCOrIr/+5bJ5aA0lGL4wKnTe4qWScCLfKg/gidP/mlMTOamOqlB4s7CCrEoEeP1HbZpxgRcwWOBWF0YliPR1XANcuyG2N+wNRhc9VxpNTEuV6FD+LZ6ekP0cBQD6lgMUAL4WloTWBsF5Ygeww9lxBUcaBXO/4lFuwYMqv6P+Ha1jFtiaXLr8fm7M7cX17fLezzubN/uJhTd61KV2va6qbAZS4A8eSa2p9qzpm/rROgEBH+6ktHh4Apd6m1UDf/nBFsdM8rl2CvaZo034Bdw==) -> Nalezeno
[Suspicious.Path] %WINDIR%\Tasks\hrexWxS1mZm2uHVaJrMQPhPZh2.job -- C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe (--c=MZL6YwXqaEoyDT0yHw9DXv7rO8pHpuAxWtmh0fNnJ0E4CcTuX5za06OtUUnZrkG6v+JdCL3OUyST+biaCwKjbWXExHvP9fRWNXXsimy8M1T5IDTSwdvC6PYtNN1H4cxy2oLolRxZS0ud/RO9JKZhKSr3CVY7lDgsd3DNTZu4Jl2cwXWLRZws5Gv9aefKBHEblAJbuKOt4AG5LaQIDEjN90M2sMvMrnxKrwe8c4d+LL92R3yVdg59SiAkyT/JtN4tLGYQqSUffGlG88ZVpLuXaWZc+wNGWRy69t2U3T661lg6Q/pGDEQDgiD+3+zKdq8yXnRqQAneMGZZHNK8Blfynw==) -> Nalezeno
[Suspicious.Path] \9sIUttZbtc48zSoNayUowFhYY -- C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe (--c=jcBPO5W4RaLeC+MzXO3BXS/R6sRORpXpVOK89q0T5SEe+MZN2cO70tkH/JT+u166YwnDCOrIr/+5bJ5aA0lGL4wKnTe4qWScCLfKg/gidP/mlMTOamOqlB4s7CCrEoEeP1HbZpxgRcwWOBWF0YliPR1XANcuyG2N+wNRhc9VxpNTEuV6FD+LZ6ekP0cBQD6lgMUAL4WloTWBsF5Ygeww9lxBUcaBXO/4lFuwYMqv6P+Ha1jFtiaXLr8fm7M7cX17fLezzubN/uJhTd61KV2va6qbAZS4A8eSa2p9qzpm/rROgEBH+6ktHh4Apd6m1UDf/nBFsdM8rl2CvaZo034Bdw==) -> Nalezeno
[Suspicious.Path] \hrexWxS1mZm2uHVaJrMQPhPZh2 -- C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe (--c=MZL6YwXqaEoyDT0yHw9DXv7rO8pHpuAxWtmh0fNnJ0E4CcTuX5za06OtUUnZrkG6v+JdCL3OUyST+biaCwKjbWXExHvP9fRWNXXsimy8M1T5IDTSwdvC6PYtNN1H4cxy2oLolRxZS0ud/RO9JKZhKSr3CVY7lDgsd3DNTZu4Jl2cwXWLRZws5Gv9aefKBHEblAJbuKOt4AG5LaQIDEjN90M2sMvMrnxKrwe8c4d+LL92R3yVdg59SiAkyT/JtN4tLGYQqSUffGlG88ZVpLuXaWZc+wNGWRy69t2U3T661lg6Q/pGDEQDgiD+3+zKdq8yXnRqQAneMGZZHNK8Blfynw==) -> Nalezeno
[Suspicious.Path] \psv_zwoa11ll -- cmd.exe (/c regedit.exe /s "C:\ProgramData\Saophase\knu4esv5.vus.reg" & del "C:\ProgramData\Saophase\knu4esv5.vus.reg" & SCHTASKS /Delete /TN "psv_zwoa11ll" /F) -> Nalezeno
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 8 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_POWER[22] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_PNP[27] : Unknown @ 0x418c549600000000
[IAT:Inl(Hook.IEAT)] (chrome.exe @ wow64.dll) ntdll.dll - memcpy : Unknown @ 0x798f490 (repne jmp 0xffffffe4|repne jmp 0xffffffe4|repne jmp 0xffffffe4)
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SI SCSI Disk Device +++++
--- User ---
[MBR] b1f7d6ea2fb5b78abecb5cb9c9a91272
[BSP] 8004430ad8ba76467bf17119ac7b2bae : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 253517 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 519921664 | Size: 699999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8 (6.2.9200) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\Petr\Downloads\RogueKillerX64.exe
Mód : Prohledat -- Datum : 09/21/2015 00:11:48
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 7 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wdii (System32\drivers\nrpnpjic.sys) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{07D27F10-D303-4F87-9CD1-40A8846AB018} | DhcpNameServer : 172.20.10.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6F5574DD-3951-4458-BCBC-A95D4C7AA2E2} | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{07D27F10-D303-4F87-9CD1-40A8846AB018} | DhcpNameServer : 172.20.10.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6F5574DD-3951-4458-BCBC-A95D4C7AA2E2} | DhcpNameServer : 213.211.45.3 212.96.160.7 ([CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)]) -> Nalezeno
¤¤¤ Úlohy : 5 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\9sIUttZbtc48zSoNayUowFhYY.job -- C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe (--c=jcBPO5W4RaLeC+MzXO3BXS/R6sRORpXpVOK89q0T5SEe+MZN2cO70tkH/JT+u166YwnDCOrIr/+5bJ5aA0lGL4wKnTe4qWScCLfKg/gidP/mlMTOamOqlB4s7CCrEoEeP1HbZpxgRcwWOBWF0YliPR1XANcuyG2N+wNRhc9VxpNTEuV6FD+LZ6ekP0cBQD6lgMUAL4WloTWBsF5Ygeww9lxBUcaBXO/4lFuwYMqv6P+Ha1jFtiaXLr8fm7M7cX17fLezzubN/uJhTd61KV2va6qbAZS4A8eSa2p9qzpm/rROgEBH+6ktHh4Apd6m1UDf/nBFsdM8rl2CvaZo034Bdw==) -> Nalezeno
[Suspicious.Path] %WINDIR%\Tasks\hrexWxS1mZm2uHVaJrMQPhPZh2.job -- C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe (--c=MZL6YwXqaEoyDT0yHw9DXv7rO8pHpuAxWtmh0fNnJ0E4CcTuX5za06OtUUnZrkG6v+JdCL3OUyST+biaCwKjbWXExHvP9fRWNXXsimy8M1T5IDTSwdvC6PYtNN1H4cxy2oLolRxZS0ud/RO9JKZhKSr3CVY7lDgsd3DNTZu4Jl2cwXWLRZws5Gv9aefKBHEblAJbuKOt4AG5LaQIDEjN90M2sMvMrnxKrwe8c4d+LL92R3yVdg59SiAkyT/JtN4tLGYQqSUffGlG88ZVpLuXaWZc+wNGWRy69t2U3T661lg6Q/pGDEQDgiD+3+zKdq8yXnRqQAneMGZZHNK8Blfynw==) -> Nalezeno
[Suspicious.Path] \9sIUttZbtc48zSoNayUowFhYY -- C:\Users\Petr\AppData\Roaming\9sIUttZbtc48zSoNayUowFhYY.exe (--c=jcBPO5W4RaLeC+MzXO3BXS/R6sRORpXpVOK89q0T5SEe+MZN2cO70tkH/JT+u166YwnDCOrIr/+5bJ5aA0lGL4wKnTe4qWScCLfKg/gidP/mlMTOamOqlB4s7CCrEoEeP1HbZpxgRcwWOBWF0YliPR1XANcuyG2N+wNRhc9VxpNTEuV6FD+LZ6ekP0cBQD6lgMUAL4WloTWBsF5Ygeww9lxBUcaBXO/4lFuwYMqv6P+Ha1jFtiaXLr8fm7M7cX17fLezzubN/uJhTd61KV2va6qbAZS4A8eSa2p9qzpm/rROgEBH+6ktHh4Apd6m1UDf/nBFsdM8rl2CvaZo034Bdw==) -> Nalezeno
[Suspicious.Path] \hrexWxS1mZm2uHVaJrMQPhPZh2 -- C:\Users\Petr\AppData\Roaming\hrexWxS1mZm2uHVaJrMQPhPZh2.exe (--c=MZL6YwXqaEoyDT0yHw9DXv7rO8pHpuAxWtmh0fNnJ0E4CcTuX5za06OtUUnZrkG6v+JdCL3OUyST+biaCwKjbWXExHvP9fRWNXXsimy8M1T5IDTSwdvC6PYtNN1H4cxy2oLolRxZS0ud/RO9JKZhKSr3CVY7lDgsd3DNTZu4Jl2cwXWLRZws5Gv9aefKBHEblAJbuKOt4AG5LaQIDEjN90M2sMvMrnxKrwe8c4d+LL92R3yVdg59SiAkyT/JtN4tLGYQqSUffGlG88ZVpLuXaWZc+wNGWRy69t2U3T661lg6Q/pGDEQDgiD+3+zKdq8yXnRqQAneMGZZHNK8Blfynw==) -> Nalezeno
[Suspicious.Path] \psv_zwoa11ll -- cmd.exe (/c regedit.exe /s "C:\ProgramData\Saophase\knu4esv5.vus.reg" & del "C:\ProgramData\Saophase\knu4esv5.vus.reg" & SCHTASKS /Delete /TN "psv_zwoa11ll" /F) -> Nalezeno
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 8 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_POWER[22] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418c549600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\storport.sys - IRP_MJ_PNP[27] : Unknown @ 0x418c549600000000
[IAT:Inl(Hook.IEAT)] (chrome.exe @ wow64.dll) ntdll.dll - memcpy : Unknown @ 0x798f490 (repne jmp 0xffffffe4|repne jmp 0xffffffe4|repne jmp 0xffffffe4)
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SI SCSI Disk Device +++++
--- User ---
[MBR] b1f7d6ea2fb5b78abecb5cb9c9a91272
[BSP] 8004430ad8ba76467bf17119ac7b2bae : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 253517 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 519921664 | Size: 699999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 68 hostů