prosim o kontrolu logu Vyřešeno

[flowersi]

Prosim o kontrolu logu z HJT.
NOD32 mi hlási infikované súbory po štarte.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:38:48, on 8.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\Lenka\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Lenka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [icq] C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10938 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[flowersi]

# AdwCleaner v5.007 - Logfile created 10/09/2015 at 20:06:16
# Updated 08/09/2015 by Xplode
# Database : 2015-09-08.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Lenka - FLOWERSI
# Running from : C:\Users\Lenka\Desktop\adwcleaner_5.007.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\AmiExt
Folder Found : C:\Program Files (x86)\GreyGray
Folder Found : C:\Program Files (x86)\GotClip
Folder Found : C:\Program Files (x86)\ShoppingChip
Folder Found : C:\Program Files (x86)\ShoppingChip
Folder Found : C:\Program Files (x86)\surf oanD keep
Folder Found : C:\Program Files (x86)\YoutubeAdblocker
Folder Found : C:\Program Files (x86)\WebexpEnhancedV1
Folder Found : C:\ProgramData\NewSaVer
Folder Found : C:\ProgramData\QuickSet
Folder Found : C:\ProgramData\ShoppingChip
Folder Found : C:\ProgramData\ShoppingChip
Folder Found : C:\ProgramData\surf oanD keep
Folder Found : C:\ProgramData\YoutubeAdblocker
Folder Found : C:\ProgramData\ccd6a5e19eb11384
Folder Found : C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Folder Found : C:\Users\Lenka\AppData\Local\Mobogenie
Folder Found : C:\Users\Lenka\AppData\Local\Oxy
Folder Found : C:\Users\Lenka\AppData\Local\SwvUpdater
Folder Found : C:\Users\Lenka\AppData\Local\torch
Folder Found : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cddoabincmnbdfmmhkkeajpajgcpcdja
Folder Found : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dkcapkchnjdfkachhajiadabafddnacg
Folder Found : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hmkpmkhjcpdagdmdaeedncigoboijghe
Folder Found : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icbnpjdelphhilfmhmlpaemnfmgkkbea
Folder Found : C:\Users\Lenka\AppData\Roaming\newnext.me
Folder Found : C:\Users\Lenka\AppData\Roaming\Oxy
Folder Found : C:\Users\Lenka\AppData\Roaming\Systweak
Folder Found : C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found : C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Folder Found : C:\Users\Lenka\Documents\Mobogenie

***** [ Files ] *****

File Found : C:\Users\Lenka\daemonprocess.txt
File Found : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhogbcndagiknbfomjgdeghehkljalhi
File Found : C:\WINDOWS\Sysnative\roboot64.exe

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : RunAsStdUser Task

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@WebexpEnhancedV1alpha9375.net]
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\nhogbcndagiknbfomjgdeghehkljalhi
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{66B51873-B53D-42EC-BC1A-862EB4DB041D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BDB0F124-48E8-43A5-A263-45A7093CF058}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\AmiExt
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\AmiExt
Key Found : HKLM\SOFTWARE\FlvPlayer
Key Found : HKLM\SOFTWARE\GS.Enabler
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\Webexp Enhanced
Key Found : [x64] HKCU\Software\AmiExt
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKU\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7112 bytes] ##########

[flowersi]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.9.2015
Čas skenování: 20:11
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.10.07
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 398975
Uplynulý čas: 40 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 35
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [d16ef13dec9f0b2be2091dbe13ef619f],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [d16ef13dec9f0b2be2091dbe13ef619f],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [d16ef13dec9f0b2be2091dbe13ef619f],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\TYPELIB\{66B51873-B53D-42EC-BC1A-862EB4DB041D}, , [2a1581add7b489ad838f0bd0f90954ac],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\INTERFACE\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}, , [2a1581add7b489ad838f0bd0f90954ac],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}, , [2a1581add7b489ad838f0bd0f90954ac],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}, , [2a1581add7b489ad838f0bd0f90954ac],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{66B51873-B53D-42EC-BC1A-862EB4DB041D}, , [2a1581add7b489ad838f0bd0f90954ac],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{66B51873-B53D-42EC-BC1A-862EB4DB041D}, , [2a1581add7b489ad838f0bd0f90954ac],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\TYPELIB\{BDB0F124-48E8-43A5-A263-45A7093CF058}, , [69d6c9655437f3432aed5487887ac63a],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\INTERFACE\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}, , [69d6c9655437f3432aed5487887ac63a],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}, , [69d6c9655437f3432aed5487887ac63a],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}, , [69d6c9655437f3432aed5487887ac63a],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BDB0F124-48E8-43A5-A263-45A7093CF058}, , [69d6c9655437f3432aed5487887ac63a],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{BDB0F124-48E8-43A5-A263-45A7093CF058}, , [69d6c9655437f3432aed5487887ac63a],
PUP.Optional.Amonetize, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E4935D75-87EE-40C6-B430-7434FB685DEC}, , [06395ad4fa91f046ac6cce0dfb07da26],
PUP.Optional.Amonetize, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E4935D75-87EE-40C6-B430-7434FB685DEC}, , [06395ad4fa91f046ac6cce0dfb07da26],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}, , [1a25939b1a71a39372d61b8aa26020e0],
PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1, , [ea551d11a7e449edf6bc5490c042748c],
PUP.Optional.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd.1, , [7ac5fe3018735bdb09a9c51ff80a42be],
PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Updater.AmiUpd.1, , [7ac5fe3018735bdb09a9c51ff80a42be],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, , [c97696986724c1754ab338451aeac63a],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [83bcae80b8d3e35369bdcba8fa0a21df],
PUP.Optional.GreyGray, HKLM\SOFTWARE\WOW6432NODE\GreyGray, , [fd4239f5c7c455e1a57be6b09470827e],
PUP.Optional.Enabler, HKLM\SOFTWARE\WOW6432NODE\GS.Enabler, , [69d639f533585fd752b28c04857f1be5],
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\WebexpEnhancedV1, , [bf8067c75932be787ecd734b848037c9],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, , [f04f39f59bf07bbbb647d7a618ec38c8],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kbanbanalocifhgjcppngcdgminjckhm, , [95aa5cd2becd03334eb8bac48c78de22],
PUP.Optional.GreyGray, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nhogbcndagiknbfomjgdeghehkljalhi, , [dc63d856b4d745f18f90dabc4db79070],
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ENDNMGOIJPBKBHOADPGJCDFJAAMMIDBD, , [7dc276b8bdce171fde6bac127c8810f0],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}, , [8ab5b876bccfec4a59ec059f9d67dd23],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [cf707bb3dead360055d16211956fe719],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\ZIP ENHANCER, , [75caa688206b73c3c5464638867e7e82],
PUP.Optional.GreyGray, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\GreyGray, , [0a356cc24f3cb87e9984bed87e8604fc],
PUP.Optional.Amonetize, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\AMIEXT\IE plugin, , [b689eb43513ab383c13dbac3fc088d73],

Hodnoty registru: 6
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [83bcae80b8d3e35369bdcba8fa0a21df]
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\endnmgoijpbkbhoadpgjcdfjaammidbd|path, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ch\WebexpEnhancedV1alpha9375.crx, , [7dc276b8bdce171fde6bac127c8810f0]
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@zipenhancer.com, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff, , [b98684aa69228ea8c049b9c5d43032ce]
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@WebexpEnhancedV1alpha9375.net, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff, , [bf804ae40b80092dcc7e0bb3aa5a08f8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [cf707bb3dead360055d16211956fe719]
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\ZIP ENHANCER|Path, C:\Program Files (x86)\AmiExt\ZipEnhancer, , [75caa688206b73c3c5464638867e7e82]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 49
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\plugins, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\TEMP, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.OptimizerPro, C:\Users\Lenka\Documents\Optimizer Pro, , [221dc767fe8de45239135e49c44044bc],
PUP.Optional.SurfAndKeep, C:\Program Files (x86)\surf oanD keep, , [42fd53dba4e79a9c002c05b234d040c0],
PUP.Optional.YouTubeAdBlocker, C:\Program Files (x86)\YoutubeAdblocker, , [53ec4ce2addeba7c5aaf606122e237c9],
PUP.Optional.Software.Updater, C:\Users\Lenka\AppData\Local\SwvUpdater, , [81bee549c4c74fe70fac5c68f2128779],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ch, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content\icons, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content\icons\default, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ie, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\core, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ch, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\core, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\icons, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\icons\default, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\locale, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\defaults, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\defaults\preferences, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\core, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\core, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Enabler, C:\ProgramData\QuickSet\GS.Enabler, , [51ee0b236d1e1224506f7c90eb189868],
PUP.Optional.Enabler, C:\ProgramData\QuickSet\GS.Enabler\4560858878, , [51ee0b236d1e1224506f7c90eb189868],
PUP.Optional.MultiPlug, C:\ProgramData\ShoppingChip, , [f14e2b03b3d86ccabdba24f3649f0000],
PUP.Optional.NextLive, C:\Users\Lenka\AppData\Roaming\newnext.me, , [3e019698187395a13cea16025ca7ea16],
PUP.Optional.NextLive, C:\Users\Lenka\AppData\Roaming\newnext.me\cache, , [3e019698187395a13cea16025ca7ea16],
PUP.Optional.SpeedTest, C:\Users\Lenka\AppData\Roaming\speedtest125, , [2b149d914c3f5dd925111010699ab44c],
PUP.Optional.YouTubeAdBlocker, C:\ProgramData\YoutubeAdblocker, , [b9864fdf305bac8a2f833ce926dd5aa6],

Soubory: 80
PUP.Optional.RegCleanPro, C:\Windows\System32\roboot64.exe, , [ce711b13bad190a66ee0415aa16404fc],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\GreyGray.ico, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\7za.exe, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\BrowserAdapterS.7z, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\GreyGray.BrowserFilter.Helper.dll, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\GreyGray.BrowserFilter.Helper.dll.old.797282db-42f2-46f4-8c95-f750ae774ec8, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\GreyGray.PurBrowseG.zip, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.GreyGray, C:\Program Files (x86)\GreyGray\bin\sqlite3.dll, , [45fa54da2d5e112578a2afe7d52fec14],
PUP.Optional.OptimizerPro, C:\Users\Lenka\Documents\Optimizer Pro\CookiesException.txt, , [221dc767fe8de45239135e49c44044bc],
PUP.Optional.SurfAndKeep, C:\Program Files (x86)\surf oanD keep\g_ZTLaag8X.tlb, , [42fd53dba4e79a9c002c05b234d040c0],
PUP.Optional.SurfAndKeep, C:\Program Files (x86)\surf oanD keep\g_ZTLaag8X.dat, , [42fd53dba4e79a9c002c05b234d040c0],
PUP.Optional.YouTubeAdBlocker, C:\Program Files (x86)\YoutubeAdblocker\zd.tlb, , [53ec4ce2addeba7c5aaf606122e237c9],
PUP.Optional.YouTubeAdBlocker, C:\Program Files (x86)\YoutubeAdblocker\zd.dat, , [53ec4ce2addeba7c5aaf606122e237c9],
PUP.Optional.Software.Updater, C:\Users\Lenka\AppData\Local\SwvUpdater\Updater.xml, , [81bee549c4c74fe70fac5c68f2128779],
PUP.Optional.Software.Updater, C:\Users\Lenka\AppData\Local\SwvUpdater\status.cfg, , [81bee549c4c74fe70fac5c68f2128779],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome.manifest, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\install.rdf, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content\ffWebexpEnhancedV1alpha9375.js, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content\overlay.xul, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content\icons\Thumbs.db, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Webexp, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ff\chrome\content\icons\default\WebexpEnhancedV1alpha9375_32.png, , [bf8076b8c0cb2a0c52b924d099696799],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\manifest.json, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images\star1_128.png, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images\star1_16.png, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images\star1_32.png, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images\star1_48.png, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images\star1_64.png, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\images\Thumbs.db, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\contentscript.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\core\core.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\amiextension.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\amihelper.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\amilocal.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\chaddon.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\chback.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\ffaddon.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\hostutils.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbanbanalocifhgjcppngcdgminjckhm\1.4_1\js\utils\ieaddon.js, , [61deea44810a6bcba7d3ac51d52db54b],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ch\ZipEnhancer.crx, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\bootstrap.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome.manifest, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\install.rdf, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\preferencesWindow.xul, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\myext.xul, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\core\core.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\icons\Thumbs.db, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\icons\default\star1_32.png, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\amiextension.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\amihelper.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\amilocal.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\chaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\chback.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\ffaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\hostutils.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\chrome\content\utils\ieaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\defaults\preferences\myext.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\core\core.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\amiextension.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\amihelper.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\amilocal.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\chaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\chback.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\ffaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\hostutils.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff\js\utils\ieaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\core\core.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\amiextension.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\amihelper.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\amilocal.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\chaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\chback.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\ffaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\hostutils.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Amonetize, C:\Program Files (x86)\AmiExt\ZipEnhancer\ie\js\utils\ieaddon.js, , [152aae807318a492d6a75ca156acde22],
PUP.Optional.Enabler, C:\ProgramData\QuickSet\GS.Enabler\4560858878.ini, , [51ee0b236d1e1224506f7c90eb189868],
PUP.Optional.NextLive, C:\Users\Lenka\AppData\Roaming\newnext.me\nengine.cookie, , [3e019698187395a13cea16025ca7ea16],
PUP.Optional.NextLive, C:\Users\Lenka\AppData\Roaming\newnext.me\cache\spark.bin, , [3e019698187395a13cea16025ca7ea16],
PUP.Optional.SpeedTest, C:\Users\Lenka\AppData\Roaming\speedtest125\DeskTopIcon.ico, , [2b149d914c3f5dd925111010699ab44c],
PUP.Optional.SpeedTest, C:\Users\Lenka\AppData\Roaming\speedtest125\speedtest125.crx, , [2b149d914c3f5dd925111010699ab44c],
PUP.Optional.YouTubeAdBlocker, C:\ProgramData\YoutubeAdblocker\md6.dat, , [b9864fdf305bac8a2f833ce926dd5aa6],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[jerabina]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[flowersi]

# AdwCleaner v5.007 - Logfile created 12/09/2015 at 20:48:11
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Lenka - FLOWERSI
# Running from : C:\Users\Lenka\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\AmiExt
[-] Folder Deleted : C:\Program Files (x86)\GreyGray
[-] Folder Deleted : C:\Program Files (x86)\GotClip
[-] Folder Deleted : C:\Program Files (x86)\ShoppingChip
[!] Folder Not Deleted : C:\Program Files (x86)\ShoppingChip
[-] Folder Deleted : C:\Program Files (x86)\surf oanD keep
[-] Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
[-] Folder Deleted : C:\Program Files (x86)\WebexpEnhancedV1
[-] Folder Deleted : C:\ProgramData\NewSaVer
[-] Folder Deleted : C:\ProgramData\QuickSet
[-] Folder Deleted : C:\ProgramData\ShoppingChip
[!] Folder Not Deleted : C:\ProgramData\ShoppingChip
[-] Folder Deleted : C:\ProgramData\surf oanD keep
[-] Folder Deleted : C:\ProgramData\YoutubeAdblocker
[-] Folder Deleted : C:\ProgramData\ccd6a5e19eb11384
[-] Folder Deleted : C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\Oxy
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\SwvUpdater
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\torch
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cddoabincmnbdfmmhkkeajpajgcpcdja
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dkcapkchnjdfkachhajiadabafddnacg
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hmkpmkhjcpdagdmdaeedncigoboijghe
[-] Folder Deleted : C:\Users\Lenka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icbnpjdelphhilfmhmlpaemnfmgkkbea
[-] Folder Deleted : C:\Users\Lenka\AppData\Roaming\newnext.me
[-] Folder Deleted : C:\Users\Lenka\AppData\Roaming\Oxy
[-] Folder Deleted : C:\Users\Lenka\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[-] Folder Deleted : C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
[-] Folder Deleted : C:\Users\Lenka\Documents\Mobogenie

***** [ Files ] *****

[-] File Deleted : C:\Users\Lenka\daemonprocess.txt
[-] File Deleted : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhogbcndagiknbfomjgdeghehkljalhi
[-] File Deleted : C:\WINDOWS\Sysnative\roboot64.exe

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : RunAsStdUser Task

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@WebexpEnhancedV1alpha9375.net]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nhogbcndagiknbfomjgdeghehkljalhi
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{66B51873-B53D-42EC-BC1A-862EB4DB041D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BDB0F124-48E8-43A5-A263-45A7093CF058}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Key Deleted : HKCU\Software\AmiExt
[-] Key Deleted : HKCU\Software\Escolade
[-] Key Deleted : HKCU\Software\RegisteredApplicationsEx
[-] Key Deleted : HKCU\Software\Softonic
[!] Key Not Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
[-] Key Deleted : HKLM\SOFTWARE\AmiExt
[-] Key Deleted : HKLM\SOFTWARE\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\GS.Enabler
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Webexp Enhanced
[!] Key Not Deleted : [x64] HKCU\Software\AmiExt
[!] Key Not Deleted : [x64] HKCU\Software\Escolade
[!] Key Not Deleted : [x64] HKCU\Software\RegisteredApplicationsEx
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : HKU\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7772 bytes] ##########

[flowersi]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.9.2015
Čas skenování: 20:54
Protokol: kkk.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.12.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 398845
Uplynulý čas: 36 min, 18 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 11
PUP.Optional.Amonetize, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E4935D75-87EE-40C6-B430-7434FB685DEC}, Do karantény, [709376b9543787af39fa548853af8c74],
PUP.Optional.Amonetize, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E4935D75-87EE-40C6-B430-7434FB685DEC}, Do karantény, [709376b9543787af39fa548853af8c74],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}, Do karantény, [7a8966c9f2997db9184d6f37b44ea858],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Do karantény, [cc37a58adbb01e183a95c7ac996b09f7],
PUP.Optional.GreyGray, HKLM\SOFTWARE\WOW6432NODE\GreyGray, Do karantény, [e91a5bd4711a290d19a198fef113cf31],
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\WebexpEnhancedV1, Do karantény, [e71cc36c7912dd593aab4e70c93b0000],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kbanbanalocifhgjcppngcdgminjckhm, Do karantény, [887bda558efd1323e5bb56288b7914ec],
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ENDNMGOIJPBKBHOADPGJCDFJAAMMIDBD, Do karantény, [778ccd627b10c86e5192d8e6d82ce51b],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Do karantény, [c83b0728ccbfea4cdcf30f64bf45837d],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\ZIP ENHANCER, Do karantény, [44bf4ce3f398ce6875300e705fa5db25],
PUP.Optional.GreyGray, HKU\S-1-5-21-520701029-4030227004-1132575756-1001\SOFTWARE\GreyGray, Do karantény, [2ed509261e6d79bd1d9a573fe321cb35],

Hodnoty registru: 5
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Do karantény, [cc37a58adbb01e183a95c7ac996b09f7]
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\endnmgoijpbkbhoadpgjcdfjaammidbd|path, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9375\ch\WebexpEnhancedV1alpha9375.crx, Do karantény, [778ccd627b10c86e5192d8e6d82ce51b]
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@zipenhancer.com, C:\Program Files (x86)\AmiExt\ZipEnhancer\ff, Do karantény, [5ca751de662556e083206b13ef15b749]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Do karantény, [c83b0728ccbfea4cdcf30f64bf45837d]
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\ZIP ENHANCER|Path, C:\Program Files (x86)\AmiExt\ZipEnhancer, Do karantény, [44bf4ce3f398ce6875300e705fa5db25]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.OptimizerPro, C:\Users\Lenka\Documents\Optimizer Pro, Do karantény, [867d949bc1ca0f27e303891e07fd817f],
PUP.Optional.SpeedTest, C:\Users\Lenka\AppData\Roaming\speedtest125, Do karantény, [768d022dd6b5cc6ae9674cd5778cfa06],

Soubory: 3
PUP.Optional.OptimizerPro, C:\Users\Lenka\Documents\Optimizer Pro\CookiesException.txt, Do karantény, [867d949bc1ca0f27e303891e07fd817f],
PUP.Optional.SpeedTest, C:\Users\Lenka\AppData\Roaming\speedtest125\DeskTopIcon.ico, Do karantény, [768d022dd6b5cc6ae9674cd5778cfa06],
PUP.Optional.SpeedTest, C:\Users\Lenka\AppData\Roaming\speedtest125\speedtest125.crx, Do karantény, [768d022dd6b5cc6ae9674cd5778cfa06],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[flowersi]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 8.1 x64
Ran by Lenka on so 12.09.2015 at 21:36:11,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DD4F91C9-1850-4436-863C-1C2B47536505}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DD4F91C9-1850-4436-863C-1C2B47536505}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update GreyGray
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util GreyGray



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{1A64B346-829B-4F6B-9C84-001522AF2A5C}
Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{3BFE9AFD-C22E-42EA-B17B-1F083090841B}
Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{3D3B2EA6-4094-42B2-838E-17066AC075AA}
Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{6D5CDC3F-1283-403D-A471-4526AE3E36EF}
Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{7D6D892A-C89E-4037-80E7-B1A5DDED0D93}
Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{89DD4B3E-C64E-4D67-9C04-E858D0C9B817}
Successfully deleted: [Empty Folder] C:\Users\Lenka\Appdata\Local\{AB74BBF4-D073-4816-B813-FD6C08667658}
Successfully deleted: [Folder] C:\ProgramData\CoaupExutenSion



~~~ Chrome


[C:\Users\Lenka\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Lenka\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Lenka\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Lenka\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 12.09.2015 at 21:44:36,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[flowersi]

RogueKiller V10.10.4.0 (x64) [Sep 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Lenka [Práva správce]
Started from : C:\Users\Lenka\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 09/12/2015 22:11:13

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com?pc=CPNTDFJS -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.facebook.com/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.facebook.com/ -> Nalezeno
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CPNTDFJS -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CPNTDFJS -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CPNTDFJS -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 396598fdc3f521c34d442375c8d72daf
[BSP] 42f759d52c474d63ef0c5b7751978874 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1353728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1615872 | Size: 460531 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 944783360 | Size: 452 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 945709056 | Size: 350 MB
6 - [SYSTEM] Basic data partition | Offset (sectors): 946425856 | Size: 14818 MB
User = LL1 ... OK
User = LL2 ... OK

[Orcus]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni
Zoek.exe

a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

====================================================

Co problémy? + nový log z HJT

[flowersi]

RogueKiller V10.10.4.0 (x64) [Sep 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9600) 64 bits version
Started in : Normal mode
User : Lenka [Administrator]
Started from : C:\Users\Lenka\Desktop\RogueKillerX64.exe
Mode : Delete -- Date : 09/13/2015 13:34:58

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com?pc=CPNTDFJS -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.facebook.com/ -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.facebook.com/ -> Not selected
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CPNTDFJS -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CPNTDFJS -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CPNTDFJS -> Not selected
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 396598fdc3f521c34d442375c8d72daf
[BSP] 42f759d52c474d63ef0c5b7751978874 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1353728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1615872 | Size: 460531 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 944783360 | Size: 452 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 945709056 | Size: 350 MB
6 - [SYSTEM] Basic data partition | Offset (sectors): 946425856 | Size: 14818 MB
User = LL1 ... OK
User = LL2 ... OK

[flowersi]

Zoek.exe v5.0.0.0 Updated 08-September-2015
Tool run by Lenka on ne 13.09.2015 at 13:37:49,66.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lenka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.9.2015 13:38:51 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Lenka\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8D7FB822-C87E-E02F-435B-0E8AA58A1846} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D7FB822-C87E-E02F-435B-0E8AA58A1846} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AC0C2FBC-6A34-5356-5161-F364BCD357E6} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AC0C2FBC-6A34-5356-5161-F364BCD357E6} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FDC3E31-DCA1-4105-A73B-AC93A6D41522} deleted successfully
HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD8170B8-A69D-4943-9451-F48D765E638F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8D7FB822-C87E-E02F-435B-0E8AA58A1846} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8D7FB822-C87E-E02F-435B-0E8AA58A1846} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC0C2FBC-6A34-5356-5161-F364BCD357E6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC0C2FBC-6A34-5356-5161-F364BCD357E6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Lenka\AppData\LocalLow\{2C57E433-FA88-A83F-B75B-7D6961620F20} deleted
C:\Users\Lenka\AppData\LocalLow\{79A32B77-B305-C405-44AC-8C242BE2C344} deleted
C:\Users\Lenka\AppData\LocalLow\{8D7FB822-C87E-E02F-435B-0E8AA58A1846} deleted
C:\Users\Lenka\AppData\LocalLow\{AC0C2FBC-6A34-5356-5161-F364BCD357E6} deleted
C:\Users\Lenka\AppData\LocalLow\{F25E2FF4-6897-8B4D-FC0E-D053A4979F13} deleted
C:\Users\Lenka\AppData\Local\Packages\windows_ie_ac_001\AC\{8D7FB822-C87E-E02F-435B-0E8AA58A1846} deleted
C:\Users\Lenka\AppData\Local\Packages\windows_ie_ac_001\AC\{AC0C2FBC-6A34-5356-5161-F364BCD357E6} deleted
C:\Users\Lenka\AppData\Local\Packages\windows_ie_ac_001\AC\{F25E2FF4-6897-8B4D-FC0E-D053A4979F13} deleted
C:\Users\Lenka\.android deleted
C:\PROGRA~3\EexstoraSeavingse deleted
C:\PROGRA~2\Connected Music powered by Universal Music Group deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\PROGRA~3\YoUTuAddBlockerr deleted
C:\PROGRA~3\InstallMate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Lenka\AppData\LocalLow\{6CE38356-77AA-6838-C911-0DF99896B933} deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions\speedtest125@SpeedAnalysis deleted
"C:\PROGRA~3\fdmfhfpkjodpdjhbmkahegkmaldpkacc\fdmfhfpkjodpdjhbmkahegkmaldpkacc.crx" deleted
"C:\PROGRA~3\fdmfhfpkjodpdjhbmkahegkmaldpkacc\update.xml" deleted
"C:\PROGRA~3\fdmfhfpkjodpdjhbmkahegkmaldpkacc" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"speedtest125@SpeedAnalysis"="C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions\speedtest125@SpeedAnalysis" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"speedtest125@SpeedAnalysis"="C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions\speedtest125@SpeedAnalysis" []

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Lenka\AppData\Local\Google\Chrome SxS deleted

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.85



==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.facebook.com/"
"Default_Page_URL"="http://www.bing.com?pc=CPNTDFJS"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.facebook.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPNTDFJS"

==== Reset Google Chrome ======================

C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lenka\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Lenka\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-520701029-4030227004-1132575756-1001\Software\Mozilla\Firefox\Extensions\speedtest125@SpeedAnalysis deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\speedtest125@SpeedAnalysis deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B338E5C5-B0DD-5A57-FA45-3691304E8F3A} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenka\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lenka\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lenka\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=106 folders=64 5286399 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lenka\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Lenka\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 13.09.2015 at 14:12:50,19 ======================