Request for a log check (cpuminer.exe loads the CPU, + sgminer GPU at 98%) Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Kotik

Request for a log check (cpuminer.exe loads the CPU, + sgminer GPU at 98%)

Post by Kotik » 12 Jul 2015 18:28

Please check my log. My younger brother has completely infected the PC... I have no idea what he installed or which sites he visited... As I already mentioned in the title, cpuminer.exe is running among the processes and loads the CPU at 30-40% constantly until I terminate it. The graphics card also runs at 98% all the time, even when idle; the sgminer.exe process is responsible for that, and if I terminate it, the load drops to 0%. After a restart it of course starts all over again. In the browser (Chrome), empty windows that look like ads also appear from time to time; after clicking the close button, a window opens, which Avast then blocks.

I uninstalled a "speed up your computer" program and some kind of uninstaller; I have not found any other unwanted programs.

Here are the logs (after a restart, nothing terminated); I have not deleted anything yet. Thank you.

HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:52, on 12.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Kotovi\AppData\Roaming\cpuminer\sgminer\sgminer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Kotovi\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [EasyTune] C:\Program Files (x86)\GIGABYTE\EasyTune\etro.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Desktop.scf
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9829 bytes

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

MBAM:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 12.7.2015
Čas skenování: 13:57
Protokol: MBAM.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.12.02
Databáze rootkitů: v2015.07.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Kotovi

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 357267
Uplynulý čas: 10 min, 10 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
PUP.Optional.CPUMiner, C:\Windows\System32\cpuminer-gw64.exe, 3788, , [2bb709d783076bcba7e0cdc513f13ec2]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 57
PUP.Optional.Bundler, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PowerISO, , [25bdae32850589adfbb8be611aeb8c74],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, , [25bd8e52a4e6ca6c6d02f59814f0c739],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, , [b03230b0b2d8f541e09a9fee45bfab55],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, , [984a934d2b5fed49b698a0e910f42ed2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [a042e6fad3b7b086a4fe08370cf710f0],
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [8c56528ec1c97db962216524877d7a86],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, , [27bb60804a40999d69fa5fa211f2f10f],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV03.07-nv, , [01e17f61602a4ee80e27b66f09fa659b],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV03.07-nv-ie, , [5f83cd13c1c92d09d164dc49b251cb35],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, , [449ed808305a191d84ebfc9140c4e21e],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [5b8723bd92f80f27cf37e2316f940af6],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [b230b62a87033cfa771680c98b7801ff],
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\oursurfingSoftware, , [fee4b62a2b5fb97dd0a710f22ad931cf],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [835f3ba5b1d9e551edf68bec0ff517e9],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [2ab8ecf41c6efc3af8ca7d921fe4a858],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, , [0cd6964afe8c4cea3e3c35589f65cc34],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [a939756bc7c31a1c35e3798aec170cf4],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, , [9b47dc042c5ef93d87c71079887c31cf],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, , [e200ca16375375c1b0083d4f3ec61ee2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, , [16cc40a0206a1b1ba9f9f946af5447b9],
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [e0025d83d6b4ae88a6dd96f34eb642be],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [00e2697733579c9a6d7ce923fa09c13f],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [a43e8d53a2e870c6de0a3ece8083fe02],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [558d29b7840666d04b2373a77e85da26],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [38aacc14d0ba7bbbfaedfb1116edf40c],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [4d9590505a301b1b419fb86d1ae9d52b],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [d909934d51398da91fb2f19eac5812ee],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [855d8858f298b2848332c557ab5801ff],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, , [ebf79e42e9a15ed8ca98d8297c87dd23],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV03.07-nv-ie, , [f7eb746cb8d2df57231361c470937c84],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [7c667c64fd8d1620cc8576134cb8d030],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\AskPartnerNetwork, , [6181a04090fa7fb70a5806fb44bf07f9],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\CinemaP-1.9cV03.07-nv, , [5f83825e1674a78f49ed45e0f013c53b],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\CinemaP-1.9cV03.07-nv-ie, , [db07f9e77e0ce056f343db4abd469a66],
PUP.Optional.HighDefAction.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\HighDefAction, , [eef4944ca5e59a9c521cf29b8282d729],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\HomeTab, , [1ec4d709f59501352da942f25fa4b848],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\SearchProtectWS, , [7072b7296228c571c02b15f7af540000],
PUP.Optional.TNT.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\TNT2, , [df03fde36f1bdc5a5a3b24eacb3855ab],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\WajIEnhance, , [f5ed7d6341490a2cb3e53bd93ec58977],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\WajIntEnhance, , [b032e9f7bdcdbc7a685bd03ff60d4bb5],
PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\YorkNewCin, , [687a5f8192f839fdec8d573644c0f50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [667c10d0404a85b1417a205052b2f40c],
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\ARENAHD, , [637f855bdbaf7eb8f756e8a1d2326d93],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [12d04898d7b32f07379089997c871ee2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV03.07, , [667c38a8533793a301ab0b0de2219967],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [5b87518f6624f046117174159b6921df],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, , [c81a40a02d5d21154e344148729253ad],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [bc26da06fc8e3303334f048558acac54],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E2BB1A36-482E-4C2F-886F-27CD9FEB5C85}, , [28ba835d6d1d72c45a289fea51b3d030],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, , [f8ea4e928208f83ea8dab5d4927238c8],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [865cfde3dbafaa8c305ffd0c649fd828],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [34ae9a46c3c7092d702023e62ad91de3],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [647e1dc3afdb3ef8dcb51aef9d66d32d],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [9f430ad6b8d2290db82bb2d6fa0af20e],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [a43e99471377c96deca6848527dc10f0],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [6f730ed2494192a4a5eeb257bc476799],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\SIMPLYTECH\HomeTab, , [766c3fa17e0c3006e10697aec73c38c8],

Hodnoty registru: 19
PUP.Optional.CPUMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|cpuminer, C:\Windows\system32\cpuminer-gw64.exe, , [2bb709d783076bcba7e0cdc513f13ec2]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, , [984a934d2b5fed49b698a0e910f42ed2]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, , [439fc51ba3e76fc7a8b12f5a9d67c23e]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, , [8c56528ec1c97db962216524877d7a86]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, , [b929eef26b1fbc7a80035d2c2fd5cc34]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, , [9b47dc042c5ef93d87c71079887c31cf]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, , [90525987bcce1026d8d0e0243fc442be]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, , [8d558b559ded24124118c6c3739126da]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, , [e0025d83d6b4ae88a6dd96f34eb642be]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, , [c121d50beaa0ab8bf68d9bee14f03dc3]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, , [4d9590505a301b1b419fb86d1ae9d52b]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\ARENAHD|value, 1, , [637f855bdbaf7eb8f756e8a1d2326d93]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\HIGHDEFACTION|value, 1, , [b929fde32268181e68ef9fea3ec624dc]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, , [5b87518f6624f046117174159b6921df]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, , [c81a40a02d5d21154e344148729253ad]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.oursurfing.com//favicon.ico, , [677b79675f2b0f27c5bd6a1f48bcb34d]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, , [bc26da06fc8e3303334f048558acac54]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E2BB1A36-482E-4C2F-886F-27CD9FEB5C85}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, , [28ba835d6d1d72c45a289fea51b3d030]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, , [f8ea4e928208f83ea8dab5d4927238c8]

Data registru: 5
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG),,[2db512ce137762d4cd01c36bc5407987]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, Dobré: (http://www.google.com), Špatné: (http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}),,[21c16a763753a59108c8e24c9471a65a]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, Dobré: (http://www.google.com), Špatné: (http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}),,[519111cf4b3f2b0b5d739c92c44144bc]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[42a0b22e8901b0867ba481acd82dcf31]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG),,[30b2e1ff1e6c41f54f7fd658bf469967]

Složky: 14
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [4b975f818bff45f156822aca956d7c84],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [4b975f818bff45f156822aca956d7c84],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, , [dc06d50b4e3cfe38c499bc42f50da55b],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab, , [30b2bf2191f99e982672da254eb4a858],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\popupResource, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\userCode, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons, , [578b2ab60f7bf1457baffd65f60f08f8],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons\actions, , [578b2ab60f7bf1457baffd65f60f08f8],

Soubory: 122
PUP.Optional.OpenCandy, C:\Users\Kotovi\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe, , [2eb4d8085832d363fa4187cc64a1fd03],
PUP.Optional.Bundler, C:\Program Files (x86)\PowerISO\uninstall.exe, , [25bdae32850589adfbb8be611aeb8c74],
PUP.Optional.Amonetize, C:\Users\Kotovi\AppData\Local\Temp\Rar$EXa0.449\Installer__7934_il8803.exe, , [1bc7e4fc9eecbb7b949e00b96b96f20e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-6, , [0ed4934d4e3cc076c09fd359b35035cb],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-7, , [fbe7f1ef296174c2bfa06cc007fcc33d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-10_user, , [edf525bb8dfd9a9cc19eff2d3ac931cf],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-3, , [a83ab42cf49642f4203f6cc07c877a86],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5, , [548e07d9cac0181eec73ae7e917242be],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5_user, , [ecf69f413654e353045b5dcfc3409e62],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-6, , [28ba88581f6bae88d6895cd006fdf709],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-7, , [31b131afa8e2a19539269d8f61a20cf4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-6.job, , [2eb47a667812ea4c61f8fa7ef1130af6],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-7.job, , [0cd6914f533749ed9ebb2a4e9e664db3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-10_user.job, , [92508a568efcd1650a4fa6d27193728e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-3.job, , [27bbcc140c7e68ce9bbe84f47d87d32d],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5.job, , [ebf7db053b4fc472b4a596e2f41011ef],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5_user.job, , [5e844997bad0b18552076c0c31d3c13f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-6.job, , [855d9050a7e31125fa5f8eeaad5752ae],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-7.job, , [2eb448985931142294c51167df25857b],
PUP.Optional.CPUMiner, C:\Windows\System32\cpuminer-gw64.exe, , [2bb709d783076bcba7e0cdc513f13ec2],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\domain, , [30b2bf2191f99e982672da254eb4a858],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\expirationDate, , [30b2bf2191f99e982672da254eb4a858],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe loading the CPU, + sgminer GPU at 98%)

Post by jerabina » 12 Jul 2015 18:36

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
When the cleaning is done, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click „Prohledat-Scan“
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Run MbAM again and choose Skenovat nyní (Scan Now)
- when the program finishes, a message appears; click „Vše do karantény(smazat vybrané)“ (Quarantine all / remove selected) and „Exportovat záznam“ (Export log) and choose „textový soubor“ (text file), give the file a name and save it somewhere. Copy the entire contents of that log here.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I am online, it is only because I am on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Kotik
Level 5
Posts: 2384
Registered: February 09
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe loading the CPU, + sgminer GPU at 98%)

Post by Kotik » 12 Jul 2015 18:45

# AdwCleaner v4.208 - Log vytvořen 12/07/2015 v 18:43:42
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-11.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : Kotovi - KOTOVI-PC
# Spuštěno z : C:\Users\Kotovi\Desktop\AdwCleaner.exe
# Nastavení : Sken

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\ProgramData\apn
Složka Nalezeno : C:\ProgramData\IHProtectUpDate
Složka Nalezeno : C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Složka Nalezeno : C:\Users\Kotovi\AppData\Roaming\cpuminer
Složka Nalezeno : C:\Users\Kotovi\SupTab
Soubor Nalezeno : C:\Windows\System32\cpuminer-conf.json
Soubor Nalezeno : C:\Windows\System32\cpuminer-gw64.exe

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : amiupdaterExd
Úloha Nalezeno : amiupdaterExi
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-6
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-7
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-10_user
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-3
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-5
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-5_user
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-6
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-7
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-6
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-7
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-10_user
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-3
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-5
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-5_user
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-6
Úloha Nalezeno : d0d05261-38d4-496e-8a72-6c0bdc2058bf-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Data Nalezeno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG
Klíč Nalezeno : HKCU\Software\APN PIP
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Nalezeno : HKCU\Software\ArenaHD
Klíč Nalezeno : HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč Nalezeno : HKCU\Software\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Klíč Nalezeno : HKCU\Software\HighDefAction
Klíč Nalezeno : HKCU\Software\HomeTab
Klíč Nalezeno : HKCU\Software\InstalledBrowserExtensions
Klíč Nalezeno : HKCU\Software\Kromtech
Klíč Nalezeno : HKCU\Software\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E2BB1A36-482E-4C2F-886F-27CD9FEB5C85}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKCU\Software\SearchProtectWS
Klíč Nalezeno : HKCU\Software\simplytech
Klíč Nalezeno : HKCU\Software\Simplytech\HomeTab
Klíč Nalezeno : HKCU\Software\TNT2
Klíč Nalezeno : HKCU\Software\WajIEnhance
Klíč Nalezeno : HKCU\Software\WajIntEnhance
Klíč Nalezeno : HKCU\Software\YorkNewCin
Klíč Nalezeno : [x64] HKCU\Software\APN PIP
Klíč Nalezeno : [x64] HKCU\Software\ArenaHD
Klíč Nalezeno : [x64] HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : [x64] HKCU\Software\HighDefAction
Klíč Nalezeno : [x64] HKCU\Software\HomeTab
Klíč Nalezeno : [x64] HKCU\Software\InstalledBrowserExtensions
Klíč Nalezeno : [x64] HKCU\Software\Kromtech
Klíč Nalezeno : [x64] HKCU\Software\Linkey
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E2BB1A36-482E-4C2F-886F-27CD9FEB5C85}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Nalezeno : [x64] HKCU\Software\SearchProtectWS
Klíč Nalezeno : [x64] HKCU\Software\simplytech
Klíč Nalezeno : [x64] HKCU\Software\Simplytech\HomeTab
Klíč Nalezeno : [x64] HKCU\Software\TNT2
Klíč Nalezeno : [x64] HKCU\Software\WajIEnhance
Klíč Nalezeno : [x64] HKCU\Software\WajIntEnhance
Klíč Nalezeno : [x64] HKCU\Software\YorkNewCin
Klíč Nalezeno : HKLM\SOFTWARE\AIM Toolbar
Klíč Nalezeno : HKLM\SOFTWARE\ArenaHD
Klíč Nalezeno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Nalezeno : HKLM\SOFTWARE\Conduit
Klíč Nalezeno : HKLM\SOFTWARE\GlobalUpdate
Klíč Nalezeno : HKLM\SOFTWARE\HighDefAction
Klíč Nalezeno : HKLM\SOFTWARE\IHProtect
Klíč Nalezeno : HKLM\SOFTWARE\Iminent
Klíč Nalezeno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKLM\SOFTWARE\oursurfingSoftware
Klíč Nalezeno : HKLM\SOFTWARE\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\searchult
Klíč Nalezeno : HKLM\SOFTWARE\SpeedBit
Klíč Nalezeno : HKLM\SOFTWARE\SupDp
Klíč Nalezeno : HKLM\SOFTWARE\SupTab
Klíč Nalezeno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Nalezeno : HKLM\SOFTWARE\WajIntEnhance
Klíč Nalezeno : HKLM\SOFTWARE\YorkNewCin
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Nalezeno : [x64] HKLM\SOFTWARE\ArenaHD
Klíč Nalezeno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Nalezeno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpuminer
Klíč Nalezeno : [x64] HKLM\SOFTWARE\YorkNewCin
Klíč Nalezeno : HKU\.DEFAULT\Software\AskPartnerNetwork

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}

-\\ Google Chrome v

[C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://www.oursurfing.com/web/?type=dsp ... 4Y06NZG&q={searchTerms}
[C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://www.oursurfing.com/web/?type=dsp ... 4Y06NZG&q={searchTerms}
[C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.ask.com/

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [9062 bytů] - [12/07/2015 18:43:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9120 bytů] ##########

Kotik
Level 5
Posts: 2384
Registered: February 09
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe loading the CPU, + sgminer GPU at 98%)

Post by Kotik » 12 Jul 2015 19:07

Hopefully this is the right log. MBAM required a restart, so I only looked for the log after the restart, in the MBAM records, by time. Otherwise, cpuminer is gone, sgminer remained.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.7.2015
Čas skenování: 18:46
Protokol: MBAM1.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.12.02
Databáze rootkitů: v2015.07.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Kotovi

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 355550
Uplynulý čas: 9 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
PUP.Optional.CPUMiner, C:\Windows\System32\cpuminer-gw64.exe, 3496, Smazat při restartu, [32b09050cebc2a0cd5b2dfb3e420c040]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 57
PUP.Optional.Bundler, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PowerISO, Do karantény, [7171766a147655e1c0f3e6398c796f91],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, Do karantény, [fee431af4842aa8c0e611a73a75de020],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, Do karantény, [4f9300e0206a32046812d1bc51b3fa06],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, Do karantény, [cc166779ef9b2a0cf35baedb60a44ab6],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Do karantény, [c121cd13008a2a0ca5fd102f38cb9d63],
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Do karantény, [15cdc51b177355e196ed59303cc86997],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Do karantény, [f5ed558bacdec670ed76e61bfa09cf31],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV03.07-nv, Do karantény, [0cd65b85424858de62d345e024df1ce4],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV03.07-nv-ie, Do karantény, [ad3539a72961f244a88d2afb857eb54b],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, Do karantény, [1dc56c74ed9dd561b9b6107dd72d2ad6],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, Do karantény, [b230d10f75151620a1659d767f84f010],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, Do karantény, [637f8957bcce77bf404d064342c15aa6],
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\oursurfingSoftware, Do karantény, [fee41fc1f6948da94c2baf53a55ef30d],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Do karantény, [5d856b757218c76fd40faacd4eb607f9],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, Do karantény, [6181f3ed7713c76f92300d021ae926da],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, Do karantény, [4f9309d79bef05317307721b3fc552ae],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Do karantény, [954d5789c8c2f145b6629271e51ef010],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, Do karantény, [826020c0f09a31055bf383062ada45bb],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, Do karantény, [27bb825e385274c23385abe17094619f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, Do karantény, [03dfce1248420b2b495942fd5ea5748c],
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Do karantény, [39a96f716e1cb5812a590b7e3aca669a],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Do karantény, [9250a53be5a5e0564c9dea22d92aeb15],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Do karantény, [845e77696f1baf8725c3a369b25119e7],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Do karantény, [6e74d70977133afcf975a179d42f35cb],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Do karantény, [e8fa5b853159ba7cf6f1fb11996a669a],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Do karantény, [b72b5a86d0ba013516ca0d183dc67a86],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, Do karantény, [19c9a13f6a203ef812bf296631d317e9],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Do karantény, [37ab9d436f1b89adcbea9d7f5fa4619f],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Do karantény, [7a68964ad7b333033b277988e61d04fc],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV03.07-nv-ie, Do karantény, [e6fc01df04861d19e155a481f01331cf],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Do karantény, [8a588c5439510b2b4f020980b25216ea],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\AskPartnerNetwork, Do karantény, [02e0f9e77d0dd363283a9c65cb384db3],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\CinemaP-1.9cV03.07-nv, Do karantény, [bb27ba2617731a1c59dd998c38cb758b],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\CinemaP-1.9cV03.07-nv-ie, Do karantény, [f6ec0dd3127874c270c6ea3bef14de22],
PUP.Optional.HighDefAction.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\HighDefAction, Do karantény, [a73bbe22800a68ce84eac0cd7e86857b],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\HomeTab, Do karantény, [17cb6080d8b2b77fae2864d0bc472ed2],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\SearchProtectWS, Do karantény, [6181edf3bdcdd462d9126d9f09faac54],
PUP.Optional.TNT.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\TNT2, Do karantény, [4999419fe3a73402563fae60867df10f],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\WajIEnhance, Do karantény, [34aef2eecbbf71c5e2b684906d96c13f],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\WajIntEnhance, Do karantény, [0cd66779b6d4cd6921a2987741c2c739],
PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\YorkNewCin, Do karantény, [e002db058dfd48eeec8ddcb108fcee12],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Do karantény, [6b77855b18725bdb8a31ea8642c2659b],
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\ARENAHD, Do karantény, [6d758f51f496b97d3815b3d61de717e9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Do karantény, [548e33ad6822f73f913681a1f70c837d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV03.07, Do karantény, [5c86fae694f641f5efbd859326ddec14],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Do karantény, [439ff1efa7e372c4453dbccd4cb836ca],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, Do karantény, [af33746c4c3e58de3b474643b94b1fe1],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Do karantény, [9b47419f7a1047ef6a18f69305ffeb15],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E2BB1A36-482E-4C2F-886F-27CD9FEB5C85}, Do karantény, [fde58957494146f0661c9aef1ce8bb45],
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, Do karantény, [ecf6ac345a30fc3ae39f494033d1b947],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Do karantény, [09d922bea9e138fe09861eeb000351af],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Do karantény, [707277696a20191dd5bb30d916edf010],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Do karantény, [7e64e2fe701ac17592ffa16893702cd4],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, Do karantény, [3ea430b097f3989ec51e41471fe559a7],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Do karantény, [667c99470c7e1e18ccc63dccde2520e0],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Do karantény, [6e74746c7515ba7cddb6a7629f647987],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\SIMPLYTECH\HomeTab, Do karantény, [07dbb12f2c5e5cda8a5d3114a65dac54],

Hodnoty registru: 19
PUP.Optional.CPUMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|cpuminer, C:\Windows\system32\cpuminer-gw64.exe, Do karantény, [32b09050cebc2a0cd5b2dfb3e420c040]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, Do karantény, [cc166779ef9b2a0cf35baedb60a44ab6]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, Do karantény, [08da87598cfeb08652079dec788c718f]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, Do karantény, [15cdc51b177355e196ed59303cc86997]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, Do karantény, [ad3523bd523860d6a0e325647e8649b7]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, Do karantény, [826020c0f09a31055bf383062ada45bb]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, Do karantény, [71717f61e8a256e0d8d017ed28db837d]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, Do karantény, [d210bb25d8b2e55181d8167336ce23dd]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, Do karantény, [39a96f716e1cb5812a590b7e3aca669a]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, Do karantény, [03df6977ec9e3ff702817a0fcf351ae6]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, Do karantény, [b72b5a86d0ba013516ca0d183dc67a86]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\ARENAHD|value, 1, Do karantény, [6d758f51f496b97d3815b3d61de717e9]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\HIGHDEFACTION|value, 1, Do karantény, [3ca6528e96f4bc7a5cfb1871ee163ec2]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, Do karantény, [439ff1efa7e372c4453dbccd4cb836ca]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, Do karantény, [af33746c4c3e58de3b474643b94b1fe1]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.oursurfing.com//favicon.ico, Do karantény, [1cc6e1ff622838fecdb5addc34d07987]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, Do karantény, [9b47419f7a1047ef6a18f69305ffeb15]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E2BB1A36-482E-4C2F-886F-27CD9FEB5C85}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, Do karantény, [fde58957494146f0661c9aef1ce8bb45]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3181094645-988383845-3654219759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}, Do karantény, [ecf6ac345a30fc3ae39f494033d1b947]

Data registru: 5
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG),Nahrazeno,[2cb6cc1427636ec86f5f32fc9a6b2cd4]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}),Nahrazeno,[fee4835d5337a98d4a8645e9b94c5ba5]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.oursurfing.com/web/?type=ds& ... 4Y06NZG&q={searchTerms}),Nahrazeno,[11d1d010c2c872c4498734fabe47cf31]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Nahrazeno,[bb277b651a702610b06fc16c1aebd42c]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1 ... XXS4Y06NZG),Nahrazeno,[14ce11cfee9cbe78517d41eda06503fd]

Složky: 14
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, Do karantény, [657df9e7cbbf85b1597fcd27e12126da],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, Do karantény, [657df9e7cbbf85b1597fcd27e12126da],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Do karantény, [24be8c54008a74c2ce8fd7275ca61ce4],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\popupResource, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\userCode, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons\actions, Do karantény, [736f449c503a64d2a981f072e71eeb15],

Soubory: 121
PUP.Optional.OpenCandy, C:\Users\Kotovi\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe, Do karantény, [e002796718728fa7b883d57e5da87090],
PUP.Optional.Bundler, C:\Program Files (x86)\PowerISO\uninstall.exe, Do karantény, [7171766a147655e1c0f3e6398c796f91],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-6, Do karantény, [c71b5a8684064cea451a1715b94a07f9],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-7, Do karantény, [5d854d931c6e1f176ff0d755af5450b0],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-10_user, Do karantény, [af331dc35e2cb77fd58a68c45fa48e72],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-3, Do karantény, [d909459bacdee94d510e77b5b94ae917],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5, Do karantény, [f3effde3b0dafc3af36c2c0024dfd42c],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5_user, Do karantény, [fde5a937e2a8bd79c29d989413f03dc3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-6, Do karantény, [9151934d1476b284332cd15b4cb76799],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-7, Do karantény, [37ab746cd3b77eb80758b577c53e22de],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-6.job, Do karantény, [33af736df199082ee475235521e3b64a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-1-7.job, Do karantény, [e20039a70c7ee452a2b74038c93bf20e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-10_user.job, Do karantény, [b72be4fce1a95adc00592c4ca85c1ae6],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-3.job, Do karantény, [c22005db800a60d68bce3147da2a08f8],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5.job, Do karantény, [f0f220c0751584b21b3ef187699bb947],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-5_user.job, Do karantény, [1cc6e000dab00a2c471289ef679d35cb],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-6.job, Do karantény, [6e74d709f59537ffc99088f08c783bc5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0d05261-38d4-496e-8a72-6c0bdc2058bf-7.job, Do karantény, [40a23da398f2072fe8710a6e7a8ae818],
PUP.Optional.CPUMiner, C:\Windows\System32\cpuminer-gw64.exe, Smazat při restartu, [32b09050cebc2a0cd5b2dfb3e420c040],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\domain, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\expirationDate, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\hotsearch, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\hotsearch_uptime, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\name, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\path, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\set_country, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\set_z, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\TABts, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\uid, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\url, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.SupTab.A, C:\Users\Kotovi\SupTab\_ver, Do karantény, [fbe7c71979112f07a3f558a79270e31d],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\2901477a23b780c5af3803cb315d727b.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\12fa4603d25f6c39e65ccbb3968b5136.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\main.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\3ebcbcd4799b351d2791eee767ca7da9.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\66ab66628a4f90830ea8547d7574879d.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\8fbc81d29dabdb27f6edf2cc65af8359.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\bbeb10bcda193d366d365466006e3f17.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\d5ecf9be14bf514f027b3090aaa95cda.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\pageAction.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\1340f3ad5b869ec4cce11213ada945d7.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\28afe06f473f4ed7c84549909532bda0.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\29c026759335ecd9ea9c685701509d68.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\5c16d5c9041991bd21acf87fe07b3b87.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\6526eb38297e8a437f6d1c582934dbcc.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\6a07e659a2d769a391f4b4fb9d8cd0d3.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\7c371bf7f7733f2ca67fc349b579d1f3.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\9094a3a8ab96830c15831aa163ae8343.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\af79ad20dd52f4a5a1c8a9e85fdde230.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\app_api.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\b8f20c44de33701ee953b56473e38682.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\c8e5651e43b3b452bb914ad786c66ffe.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\d68a2fb3f51edc4780ffe04cf459ca27.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\e74f1c4fbd066dda0b35483454fff72a.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\f74c45c5481b663bfa261820de111bb7.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\installer.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\popupResource\newPopup.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\popupResource\popup.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\background.html, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\chromeCoreFilesIndex.txt, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\manifest.json, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\popup.html, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\Settings.json, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\manifest.xml, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins.json, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\273.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\102.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\104.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\119.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\13.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\14.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\17.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\178.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\179.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\180.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\184.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\19.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\195.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\200.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\220.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\223.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\231.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\232.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\234.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\242.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\246.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\252.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\253.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\262.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\263.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\281.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\288.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\289.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\300.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\335.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\339.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\345.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\354.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\356.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\376.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\379.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\380.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\385.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\389.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\390.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\391.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\4.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\47.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\64.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\7.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\78.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\80.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\9.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\91.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\97.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\userCode\background.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\userCode\extension.js, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons\icon128.png, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons\icon16.png, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons\icon48.png, Do karantény, [736f449c503a64d2a981f072e71eeb15],
PUP.Optional.CrossRider.A, C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\icons\actions\1.png, Do karantény, [736f449c503a64d2a981f072e71eeb15],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Post by jerabina » 12 Jul 2015 19:15

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan" and, after the scan, click "Vymazat-Clean".

The program performs the repair; after the automatic restart it shows a log (C:\AdwCleaner [S?].txt). Paste its entire contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Deactivate your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
If you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


Post by Kotik » 12 Jul 2015 20:13

AdwCleaner:

# AdwCleaner v4.208 - Log vytvořen 12/07/2015 v 19:18:30
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-11.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : Kotovi - KOTOVI-PC
# Spuštěno z : C:\Users\Kotovi\Desktop\AdwCleaner.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\Users\Kotovi\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Soubor Smazáno : C:\Windows\System32\cpuminer-conf.json

***** [ Naplánované úlohy ] *****

Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpuminer

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v

[C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.oursurfing.com/web/?type=dsp ... 4Y06NZG&q={searchTerms}
[C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.oursurfing.com/web/?type=dsp ... 4Y06NZG&q={searchTerms}
[C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.ask.com/

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [9314 bytů] - [12/07/2015 18:43:42]
AdwCleaner[R1].txt - [3356 bytů] - [12/07/2015 19:17:10]
AdwCleaner[R2].txt - [3414 bytů] - [12/07/2015 19:17:49]
AdwCleaner[S0].txt - [3056 bytů] - [12/07/2015 19:18:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3114 bytů] ##########

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

JRT:
I ran this one twice; the log is from the second run. After the first scan I looked at Task Manager and saw 47 processes, so I figured AdwCleaner had probably terminated some processes earlier while deleting, and I ran JRT again. That made my original JRT log disappear and a different one was created; hopefully that doesn't matter.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.5 (07.12.2015:1)
OS: Windows 7 Ultimate x64
Ran by Kotovi on ne 12.07.2015 at 19:28:41,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Kotovi\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Kotovi\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Kotovi\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Kotovi\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 12.07.2015 at 19:32:21,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

RogueKiller:

RogueKiller V10.9.1.0 (x64) [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Kotovi [Práva správce]
Started from : C:\Users\Kotovi\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 07/12/2015 19:44:06

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | gpuminer : C:\Users\Kotovi\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [x] -> Nalezeno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBoxAswDrv (\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys) -> Nalezeno
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} -> Nalezeno
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3181094645-988383845-3654219759-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3181094645-988383845-3654219759-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM ST1000DM003-1ER1 SCSI Disk Device +++++
--- User ---
[MBR] 4cc14836374848d79ca8e3703fe8b241
[BSP] 1597054619a319bfada15a575c59f306 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 299899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 614400000 | Size: 653867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([18] Program vydal příkaz, délka příkazu je však nesprávná. )
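An added example, not part of the thread: a small parser for the "Registry" section of the RogueKiller scan log posted above, with a triage pass that puts the autorun entry ahead of the other findings. The sample lines are copied from that log; the `triage` rules and all function names are assumptions made for this illustration, not RogueKiller's own logic.

```python
import re
from typing import List, NamedTuple
from urllib.parse import urlsplit

# Three lines copied from the "Registry" section of the RogueKiller scan log above.
SAMPLE_LOG = r"""
¤¤¤ Registry : 7 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | gpuminer : C:\Users\Kotovi\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [x] -> Nalezeno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBoxAswDrv (\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys) -> Nalezeno
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nalezeno
"""


class Finding(NamedTuple):
    tag: str     # detection label, e.g. Suspicious.Path
    arch: str    # registry view the entry was read from: X64 or X86
    key: str     # registry key
    name: str    # value name ("" for service entries)
    data: str    # value data, or the service image path
    status: str  # text after "->" (Nalezeno, Smazáno, ERROR [5], ...)


LINE_RE = re.compile(
    r"^\[(?P<tag>[^\]]+)\] \((?P<arch>X64|X86)\) (?P<body>.+?) -> (?P<status>.+)$"
)
SERVICE_RE = re.compile(r"^(?P<key>.+?) \((?P<data>.*)\)$")
# Trailing bracketed marker such as "[x]"; stripped here, its meaning is not interpreted.
TRAILING_MARKER_RE = re.compile(r"\s*\[[^\]]*\]\s*$")
AUTORUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
USER_WRITABLE_RE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)


def parse_findings(log_text: str) -> List[Finding]:
    """Turn registry finding lines into records; other lines are skipped."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        body = m["body"]
        if " | " in body:
            # Form: <key> | <value name> : <value data>
            key, rest = body.split(" | ", 1)
            name, _, data = rest.partition(" : ")
        else:
            # Form used for services: <key> (<image path>)
            s = SERVICE_RE.match(body)
            if not s:
                continue
            key, name, data = s["key"], "", s["data"]
        data = TRAILING_MARKER_RE.sub("", data)
        findings.append(
            Finding(m["tag"], m["arch"], key.strip(), name.strip(),
                    data.strip(), m["status"].strip())
        )
    return findings


def normalize_path(data: str) -> str:
    """Drop the NT object-manager prefix (\\??\\) so paths compare as plain DOS paths."""
    path = data.strip()
    return path[4:] if path.startswith("\\??\\") else path


def triage(f: Finding) -> str:
    """Heuristic ordering for a human reviewer (assumed rules, see lead-in)."""
    path = normalize_path(f.data)
    if AUTORUN_KEY_RE.search(f.key) and USER_WRITABLE_RE.search(path):
        return "high: autorun entry launches a file from a user-writable directory"
    if f.tag.startswith("PUM."):
        host = urlsplit(f.data).hostname or "?"
        return f"review: browser setting points to {host}"
    if f.tag == "Hidden.From.SCM":
        return "review: service hidden from SCM, check the driver's publisher before deleting"
    return "review"


if __name__ == "__main__":
    for finding in parse_findings(SAMPLE_LOG):
        print(f"{finding.tag:18} {finding.name or '(service)':12} {triage(finding)}")
```
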


Post by jerabina » 12 Jul 2015 20:16

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Then click "Prohledat" (Scan); after it finishes:
- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything
(you have to tick the box to the left of the registry entry etc. with the mouse)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport [number].txt on the desktop.
- Close RogueKiller

Turn off your antivirus.
Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:


autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program performs a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. Wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Post a new HJT log and report any problems.

Post by Kotik » 12 Jul 2015 21:21

RogueKiller:

RogueKiller V10.9.1.0 (x64) [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Kotovi [Práva správce]
Started from : C:\Users\Kotovi\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 07/12/2015 20:22:32

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | gpuminer : C:\Users\Kotovi\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [x] -> Smazáno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBoxAswDrv (\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys) -> ERROR [5]
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3181094645-988383845-3654219759-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3181094645-988383845-3654219759-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://search.msn.com/spbasic.htm)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM ST1000DM003-1ER1 SCSI Disk Device +++++
--- User ---
[MBR] 4cc14836374848d79ca8e3703fe8b241
[BSP] 1597054619a319bfada15a575c59f306 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 299899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 614400000 | Size: 653867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([18] Program vydal příkaz, délka příkazu je však nesprávná. )

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Zoek:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Kotovi on ne 12.07.2015 at 20:27:01,19.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kotovi\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.7.2015 20:28:07 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\0ba8a151-eec8-403e-95a1-6e6926d89102 deleted successfully
C:\PROGRA~2\Opera deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\Users\Kotovi\AppData\Local\EmieSiteList deleted successfully
C:\Users\Kotovi\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\0ba8a151-eec8-403e-95a1-6e6926d89102 not found
C:\PROGRA~2\Opera not found
C:\PROGRA~2\Seznam.cz not found
C:\PROGRA~2\VS Revo Group not found
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\Tasks\avastBCLRestart_chrome.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Kotovi\Odinstalovat.exe deleted
"C:\Users\Kotovi\AppData\Local\LumaEmu" deleted
"C:\Users\Kotovi\AppData\Roaming\.mctitandinocraft" deleted
"C:\Users\Kotovi\AppData\Roaming\.technic" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22.04.2015 11:35]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22.04.2015 11:35]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Kotovi\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[14.02.2015 18:43]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

AdBlock - Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
haebnnbpedcbhciplfhjjkbafijpncjl - Kotovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl

==== Chromium Startpages ======================

C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Preferences
"software_reporter":{"prompt_reason":"DB88FFDF469488820A24909CA7AE7471C9D6BF9F2E3EBAD2299216A8200B1A3D","prompt_seed":"CDF8FF35B196AA79FA9C8CA199545A3A48E6E86F70BD052FD8D0D09AE650C1A3","prompt_version":"2CD8F648A9683655221B29214DCBFB7B1FE0060EE8532FB2D4447E498124E59F"},"sync":{"remaining_rollback_tries":"E65A3484E8D700D7DA29C953DD6B76E9A636EDA6003E745689398B13E8CECF15"}},"super_mac":"B9DA5F359D8472E4ED9E96FD07FB5C1B192815C2C41C70ED4030ACE8F51AD535"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":null,"startup_urls":["https://www.seznam.cz/?clid=22668"],"urls_to_restore_on_startup":null},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Kotovi\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kotovi\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kotovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Kotovi\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Kotovi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12561 folders=1954 2011016624 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kotovi\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kotovi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on ne 12.07.2015 at 20:43:47,79 ======================
Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000

Kotik
Level 5
Posts: 2384
Registered: February 09
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe is using up the CPU, + sgminer GPU at 98%)

Post by Kotik » 12 Jul 2015 21:29

It looks like the problems are over :) The browser is clean now too, no more empty would-be ad windows along the sides, and most importantly new browser windows no longer open to nonsense pages. Downloading the programs you recommended during the cleanup was sometimes nerve-racking, when instead of the download one saw foreign pages or, five times over, some talking ad with a guy :lol:

Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:33, on 12.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Kotovi\Desktop\HiJackThis.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [EasyTune] C:\Program Files (x86)\GIGABYTE\EasyTune\etro.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Desktop.scf
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9698 bytes

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe is using up the CPU, + sgminer GPU at 98%)

Post by Orcus » 12 Jul 2015 21:32

In HJT, fix:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Desktop.scf


Clean the system with CCleaner

====================================================

Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix

Save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking -> Run as administrator.)
In the main menu, tick these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. The report can also be found at:
C:\DelFix.txt

If there are no problems, that is all, and you can mark the topic as solved with the green check mark.

Kotik
Level 5
Posts: 2384
Registered: February 09
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe is using up the CPU, + sgminer GPU at 98%)

Post by Kotik » 12 Jul 2015 21:42

# DelFix v1.010 - Logfile created 12/07/2015 at 21:39:46
# Updated 26/04/2015 by Xplode
# Username : Kotovi - KOTOVI-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\zoek-results.log
Deleted : C:\Users\Kotovi\Desktop\AdwCleaner.exe
Deleted : C:\Users\Kotovi\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\Kotovi\Desktop\JRT.exe
Deleted : C:\Users\Kotovi\Desktop\JRT.txt
Deleted : C:\Users\Kotovi\Desktop\HiJackThis.exe
Deleted : C:\Users\Kotovi\Desktop\hijackthis.log
Deleted : C:\Users\Kotovi\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Kotovi\Desktop\TFC.exe
Deleted : C:\Users\Kotovi\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #144 [End of disinfection | 06/26/2015 18:48:31]
Deleted : RP #145 [Windows Update | 06/30/2015 08:09:07]
Deleted : RP #146 [Windows Update | 07/03/2015 13:55:09]
Deleted : RP #147 [Windows Update | 07/07/2015 08:10:33]
Deleted : RP #148 [Removed Google Drive | 07/07/2015 08:40:55]
Deleted : RP #149 [Revo Uninstaller's restore point - MC Titan Minecraft Feed the Beast | 07/07/2015 13:05:32]
Deleted : RP #150 [Revo Uninstaller's restore point - CinemaP-1.9cV03.07 | 07/08/2015 15:11:18]
Deleted : RP #151 [Windows Update | 07/10/2015 14:56:34]
Deleted : RP #152 [Revo Uninstaller's restore point - Opera Stable 30.0.1835.88 | 07/11/2015 15:02:18]
Deleted : RP #153 [Windows Update | 07/12/2015 11:49:10]
Deleted : RP #154 [zoek.exe restore point | 07/12/2015 18:27:52]

New restore point created !

########## - EOF - ##########

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Please check my log (cpuminer.exe is using up the CPU, + sgminer GPU at 98%)

Post by jerabina » 13 Jul 2015 01:16

If there are no problems, that is all, and you can mark the topic as solved with the green check mark.