Prosím o kontrolu logu Vyřešeno

[elrodos]

Zdravím,
ze dne na den se mi totálně oslabil výkon pc, stránky se načítají pomalu, videa se sekají, youtube je nepoužitelný a o hrách nemluvě

[Reklama]

[elrodos]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:24:57, on 19.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 31.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\soundman.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Users\Doma\Downloads\HijackThis.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F. ... oBCM5urd7p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Catered to You - {b90183ad-1cf4-4d7b-9461-b89083957547} - C:\Program Files\Catered to You\Extensions\b90183ad-1cf4-4d7b-9461-b89083957547.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [FreeRAM XP] "D:\PROGRAMY\freeram\FreeRAMXPPro1.31.exe" -win
O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [UpdateAdmin] C:\Users\Doma\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\ProgramData\caMyciloP\Newlam.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\caMyciloP\caMyciloP.exe
O23 - Service: Compliant Host Controller (cohci1394) - Unknown owner - C:\Program Files\Controller\cohc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Service Mgr CateredtoYou - Unknown owner - C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0\plugincontainer.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
O23 - Service: Update Mgr CateredtoYou - Unknown owner - C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0\updater.exe

--
End of file - 7663 bytes

[jaro3]

Odinstaluj:
AVG PC TuneUp

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[elrodos]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.

ATF Cleaner jsem spustil, vybral jsem Operu, kterou používám (jak je vidět již v logu), dal jsem Select All a hodilo mi to tuhle hlášku "No files were removed."

[elrodos]

Odinstaluj:
AVG PC TuneUp

Mám sem hodit nový log po odinstalování AVG PC TuneUP ? Spoustu programů jsem měl díky němu deaktivovaných.

[elrodos]

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

# AdwCleaner v5.014 - Logfile created 20/10/2015 at 20:54:52
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Doma - DOMA-PC
# Running from : C:\Users\Doma\Desktop\adwcleaner_5.014.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : cohci1394
Service Found : Service Mgr CateredtoYou
Service Found : Update Mgr CateredtoYou

***** [ Folders ] *****

Folder Found : C:\Program Files\OneSystemCare
Folder Found : C:\Program Files\Controller
Folder Found : C:\Program Files\Catered to You
Folder Found : C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\ProgramData\Application Hosting
Folder Found : C:\ProgramData\caMyciloPs
Folder Found : C:\ProgramData\camycilop
Folder Found : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\ProgramData\yWinManProy
Folder Found : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
Folder Found : C:\Users\Doma\AppData\Local\UpdateAdmin

***** [ Files ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\findit.xml
File Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\user.js
File Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\searchplugins\findit.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... nnelid=888 )
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... nnelid=888 )
Shortcut Infected : C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... nnelid=888 )
Shortcut Infected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... nnelid=888 )
Shortcut Infected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... nnelid=888 )

***** [ Scheduled tasks ] *****

Task Found : amiupdaterExd
Task Found : amiupdaterExi
Task Found : UpdateAdmin

***** [ Registry ] *****

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]
Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{b90183ad-1cf4-4d7b-9461-b89083957547}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Key Found : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Key Found : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FBB037E4-1CB2-406C-ACCC-925BD5BC7FD7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b90183ad-1cf4-4d7b-9461-b89083957547}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKCU\Software\DownloadAdmin
Key Found : HKCU\Software\OB
Key Found : HKLM\SOFTWARE\Speedchecker Limited
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Catered to You
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Key Found : HKU\S-1-5-21-1777567604-985344441-3338332800-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Data Found : HKU\S-1-5-21-1777567604-985344441-3338332800-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {ielnksrch}

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [6890 bytes] ##########

[jaro3]

HJT znovu dávat nemusíš.

Ještě Malwarebytes' Anti-Malware.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[elrodos]

Ještě Malwarebytes' Anti-Malware.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 20.10.2015
Čas skenování: 21:18
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.20.06
Databáze rootkitů: v2015.10.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Doma

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 332848
Uplynulý čas: 48 min, 22 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 5
PUP.Optional.Amonetize, C:\Program Files\Controller\cohc.exe, 732, , [a294d980becd34028fbcd29eb24fc040]
PUP.Optional.CateredToYou, C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0\PluginContainer.exe, 2036, , [91a55bfe1c6f77bf2179c1a2a65b966a]
PUP.Optional.CateredToYou, C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0\Updater.exe, 2340, , [0f277ddcd4b79c9a128890d3d42d49b7]
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\caMyciloP.exe, 1720, , [45f19bbecfbc56e030f0084b639f3fc1]
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Tindox.exe, 2968, , [45f19bbecfbc56e030f0084b639f3fc1]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 36
PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cohci1394, , [a294d980becd34028fbcd29eb24fc040],
PUP.Optional.CateredToYou, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr CateredtoYou, , [91a55bfe1c6f77bf2179c1a2a65b966a],
PUP.Optional.CateredToYou, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr CateredtoYou, , [0f277ddcd4b79c9a128890d3d42d49b7],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\CLASSES\CLSID\{b90183ad-1cf4-4d7b-9461-b89083957547}, , [fb3b4b0e4b4038fef5a5ee75af5254ac],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\CLASSES\TYPELIB\{fbb037e4-1cb2-406c-accc-925bd5bc7fd7}, , [fb3b4b0e4b4038fef5a5ee75af5254ac],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\CLASSES\INTERFACE\{CC71154E-1C1F-4C4B-AC24-36BB4E847E45}, , [fb3b4b0e4b4038fef5a5ee75af5254ac],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B90183AD-1CF4-4D7B-9461-B89083957547}, , [fb3b4b0e4b4038fef5a5ee75af5254ac],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\CLASSES\CLSID\{B90183AD-1CF4-4D7B-9461-B89083957547}\INPROCSERVER32, , [fb3b4b0e4b4038fef5a5ee75af5254ac],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, , [e25412478803b383150e3bb94bb67a86],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [eb4b53062b60a591fb2c589c2ad7ed13],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Catered to You, , [231383d65f2cd95d7525fa6905fc3bc5],
PUP.Optional.CateredToYou, HKLM\SOFTWARE\CateredtoYou, , [da5ce1787714b08683dfa4eb18eb34cc],
PUP.Optional.SpeedChecker.PrxySvrRST, HKLM\SOFTWARE\Speedchecker Limited, , [7abc67f2e5a638feb1f47df448ba3dc3],
PUP.Optional.WikiSearchMe, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fcgnigmofekcllgbiejhmigggmgehkip, , [f93d2e2bdab1171f9ae2dabad3307c84],
PUP.Optional.FlashPlayer, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ppcdpabdaaenpfihggajpnehffdcbima, , [2c0a5504800b1e185dcee87534cfa759],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, , [35017edba0eb4ceac8aab58dfc0722de],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, , [b680f0696724b87e15e75a3839cab64a],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, , [d85ef1688a01ad892ad2b8dafd06d32d],
PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExd, , [3501a5b4800b78be6561a8a0798aa55b],
PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExi, , [2a0ca3b64843f73ffec8c583d42f738d],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\temp_178c9aa9-94b6-47a2-b8ca-8afb829f5a6b-2, , [95a1ea6ffd8eda5c388461f50df64cb4],
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UpdateAdmin, , [979f4910aae1e353ee49e1a4877ce11f],
PUP.Optional.ApplicationHosting, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Application Hosting.exe, , [61d5c693deadd3634ff1db6e51b2d32d],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [68ce78e14a41191d109a821002017f81],
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}, , [3cfa2a2f810a092d3bfdccb9b44f58a8],
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{20915d52-1148-4fc2-8788-129eeb5e27dd}Gw, , [89ad75e46f1cb680e16557218083ff01],
PUP.Optional.Cinema, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\CinemaP-1.9cV20.01, , [38feb4a5e8a3a1952c3f5af5847fcc34],
PUP.Optional.UpdateAdmin, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\DOWNLOADADMIN\UpdateAdmin, , [8da953065c2f55e144f105809271d52b],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, , [af875efb1f6cd0665852006bdd25b54b],
PUP.Optional.OutBrowse, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\OB, , [78bee277dfac39fdc298076a867d15eb],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1777567604-985344441-3338332800-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, , [41f553068605f442804f9ba8f50e50b0],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1777567604-985344441-3338332800-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}, , [51e54613fe8d1e1822aeb291778cfd03],
PUP.Optional.OneSystemCare, HKU\S-1-5-21-1777567604-985344441-3338332800-501\SOFTWARE\ONE SYSTEM CARE, , [26104c0d1e6de45203d30b65956e4eb2],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1777567604-985344441-3338332800-501_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, , [b383fa5f5a311e18aa2563e0cd36748c],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1777567604-985344441-3338332800-501_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}, , [b6801a3fb0db0234d6fad86b0201d927],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\caMyciloP, , [45f19bbecfbc56e030f0084b639f3fc1],

Hodnoty registru: 19
PUP.Optional.DownLoadAdmin, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|UpdateAdmin, C:\Users\Doma\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN, , [fe38b3a696f558debf1f85c85fa5b24e]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, , [35017edba0eb4ceac8aab58dfc0722de]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, , [8caa3b1ef19a4aec0d664ef49271857b]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, , [cb6b5603f49743f3c3b151f140c33ec2]
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}|Publisher, DownloadAdmin, , [3cfa2a2f810a092d3bfdccb9b44f58a8]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CAMYCILOP|ImagePath, C:\ProgramData\caMyciloP\caMyciloP.exe, , [ff373d1c305b0d29b5da0d5ac43f2ad6]
PUP.Optional.PluginContainer, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr CateredtoYou|ImagePath, "C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0\plugincontainer.exe", , [b4825cfd810af83e9a58571b748f6d93]
PUP.Optional.Updater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr CateredtoYou|ImagePath, "C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0\updater.exe", , [df578bcebad167cf291f4e3757acc739]
PUP.Optional.Linkury, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F. ... nnelid=888, , [b87e6cedbad1ae88531da5c28f7430d0]
PUP.Optional.Linkury, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\ENVIRONMENT|SNF, C:\ProgramData\caMyciloPs\snp.sc, , [4ee86aefdcafa393204f63047192a65a]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, , [af875efb1f6cd0665852006bdd25b54b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, , [84b29fba91faf14590e06bd7788b4ab6]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, , [68ced584aedd0333e58ced55c04345bb]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\OB|monitype20, 9/6/15 17:42:40, , [78bee277dfac39fdc298076a867d15eb]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\OB|monitype24, 9/6/15 17:42:40, , [0333abae3e4dd95dd486135e49ba1ae6]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\OB|monitype27, 9/6/15 17:42:40, , [46f02336f596c373bd9dcea358ab46ba]
PUP.Optional.OneSystemCare, HKU\S-1-5-21-1777567604-985344441-3338332800-501\SOFTWARE\ONE SYSTEM CARE|OSID, 6.1, , [26104c0d1e6de45203d30b65956e4eb2]
PUP.Optional.OneSystemCare, HKU\S-1-5-21-1777567604-985344441-3338332800-501\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, http://dl.softservers.net/121002110/DriverPro.exe, , [2412b8a1cbc065d1934209670cf7fc04]
PUP.Optional.OneSystemCare, HKU\S-1-5-21-1777567604-985344441-3338332800-501\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, http://dl.softservers.net/171002110/LiveSupport.exe, , [38fe97c2008bd264a62f640cdd266898]

Data registru: 7
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[96a05efb7516c2747a8c43e8966e15eb]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}),,[67cfb0a9840769cde51b141743c142be]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F. ... oBCM5urd7p, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F. ... oBCM5urd7p),,[072f2f2a7e0d83b35da454d717ed8d73]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}),,[b6803b1e3e4dbf77877939f2b54f28d8]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}),,[0432b4a50784c17501ff12194abab050]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73 ... fUVi8e9&q={searchTerms}),,[033319400e7db87e8e74ce5dea1ac23e]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1777567604-985344441-3338332800-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[ea4cfc5d3b505ed8b2518aa1fc08946c]

Složky: 20
PUP.Optional.ApplicationHosting, C:\ProgramData\Application Hosting, , [a294411865261b1bdf60df6a798a9769],
PUP.Optional.UpdateAdmin, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin, , [033382d70e7d4beb55dc2065649f5da3],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\bitstreams, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\bitstreams, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\bitstreams, , [ef47a6b3dbb08da95c53b183f40ec43c],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\ondemand, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\temp, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloPs, , [2a0c2f2a91fa96a0869bbd96b54d8b75],
PUP.Optional.UpdateAdmin, C:\Users\Doma\AppData\Local\UpdateAdmin, , [6ec88fca612ab58152239ec4cb37d828],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\yWinManProy, , [7cbaf5645e2da294598f570e768cbf41],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\yWinManProy\update, , [7cbaf5645e2da294598f570e768cbf41],
PUP.Optional.CateredToYou, C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0, , [d3632f2aacdf80b64e9b3036be4440c0],
PUP.Optional.CateredToYou, C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0, , [f93dbd9c1a71003616d40264758d0bf5],
PUP.Optional.CateredToYou, C:\Program Files\Catered to You, , [26105ffa4d3ebd7914d75e08f50d867a],
PUP.Optional.CateredToYou, C:\Program Files\Catered to You\Extensions, , [26105ffa4d3ebd7914d75e08f50d867a],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Viafreshs, , [ea4ccc8d1279082edf84b59a36ce9769],

Soubory: 121
PUP.Optional.Amonetize, C:\Program Files\Controller\cohc.exe, , [a294d980becd34028fbcd29eb24fc040],
PUP.Optional.CateredToYou, C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0\PluginContainer.exe, , [91a55bfe1c6f77bf2179c1a2a65b966a],
PUP.Optional.CateredToYou, C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0\Updater.exe, , [0f277ddcd4b79c9a128890d3d42d49b7],
PUP.Optional.DownLoadAdmin, C:\Users\Doma\AppData\Local\UpdateAdmin\UpdateAdmin.exe, , [fe38b3a696f558debf1f85c85fa5b24e],
PUP.Optional.CateredToYou, C:\Program Files\Catered to You\Extensions\b90183ad-1cf4-4d7b-9461-b89083957547.dll, , [fb3b4b0e4b4038fef5a5ee75af5254ac],
PUP.Optional.CrossRider, C:\Users\Doma\AppData\Roaming\MQAOECY.exe, , [d264ef6af893b6805553a9a0f70d1de3],
PUP.Optional.CateredToYou, C:\Program Files\Catered to You\Uninstaller.exe, , [231383d65f2cd95d7525fa6905fc3bc5],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumnccpcjs.exe, , [0432d584e1aa9a9cbe17a0428b7609f7],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumncdtfvd.exe, , [b4820d4c68232d098055895955acd030],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumnchmmesi.exe, , [91a511486f1c9d998253cf1343be52ae],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumnchvniu.exe, , [3ef869f0cfbcdc5a33a2a63cb74a9769],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumnckfuear.exe, , [f640ff5a96f5ad89c312756d5ea30ef2],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumncmhuphn.exe, , [d4622d2c53388aacd0054e945da43fc1],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumncoeedte.exe, , [82b41c3dfb900b2b3d98568c629f817f],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumncpiqiyr.exe, , [1d197edbf2993df92ea76f73ca37d927],
PUP.Optional.BitCoinMiner, C:\Windows\System32\acumncucqjd.exe, , [3cfa3029d2b9a19509cc09d99f6209f7],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmnccpcjs.exe, , [8da9db7e3b50d2642dcabb27847df709],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmncdtfvd.exe, , [58de1e3ba4e72412ee09e101b15032ce],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmnchmmesi.exe, , [66d0b5a489020c2a7f78b72b06fbe51b],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmnchvniu.exe, , [44f2a1b85c2f91a5bf389250d42d7789],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmnckfuear.exe, , [6bcb1a3f305bee4829ceb82a40c1e41c],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmncmhuphn.exe, , [9b9b1544216a8fa74cab8260758c8977],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmncoeedte.exe, , [be7831284f3c3ef83fb87d65f30e50b0],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmncpiqiyr.exe, , [989ec2979cef999d7f7821c113eec23e],
Trojan.BitCoinMiner, C:\Windows\System32\dcgmncucqjd.exe, , [181e293049427db9d522ba287f8203fd],
PUP.BitCoinMiner, C:\Windows\System32\lcpmnccpcjs.exe, , [54e23524dcafdd59db5dbfda728e10f0],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncdtfvd.exe, , [73c391c8296231052d0bfd9ce818cc34],
PUP.BitCoinMiner, C:\Windows\System32\lcpmnchmmesi.exe, , [a88ed5848dfea3936ecaf8a19b65847c],
PUP.BitCoinMiner, C:\Windows\System32\lcpmnchvniu.exe, , [68cea6b36f1c9f97cb6d693080802cd4],
PUP.BitCoinMiner, C:\Windows\System32\lcpmnckfuear.exe, , [989e83d68dfeca6c7cbca3f6e02008f8],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncmhuphn.exe, , [2412590096f577bf9e9ac9d028d8ff01],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncoeedte.exe, , [3600bb9e0d7e71c539ffa3f6e719eb15],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncpiqiyr.exe, , [b5810059ccbfea4c41f78910ec143ec2],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncucqjd.exe, , [ba7c0158008b61d52414f8a14cb4e719],
PUP.Optional.Linkury.ShrtCln, C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\searchplugins\findit.xml, , [6dc92e2bd1ba62d433d365df2cd7649c],
PUP.Optional.Linkury.ShrtCln, C:\Program Files\Mozilla Firefox\browser\searchplugins\findit.xml, , [ed4990c99cef0c2ad92e5ce8c043ea16],
PUP.Optional.ApplicationHosting, C:\ProgramData\Application Hosting\Application Hosting.exe.config, , [a294411865261b1bdf60df6a798a9769],
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\temp_178c9aa9-94b6-47a2-b8ca-8afb829f5a6b-2, , [a492e5740586b97d03643a1b0bf8e818],
PUP.Optional.UpdateAdmin, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin\UpdateAdmin.lnk, , [033382d70e7d4beb55dc2065649f5da3],
PUP.Optional.UpdateAdmin, C:\Windows\System32\Tasks\UpdateAdmin, , [d85e540598f353e385ad7a0bd62d6b95],
PUP.Optional.Yontoo, C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\extensions\{a9acaf1d-f7d1-436b-97cd-f861229d457e}.xpi, , [35012e2b8b0075c10142474e6c97df21],
Trojan.Agent.Trace, C:\Windows\inf\ntvdm.inf, , [de58a4b5008b999d71f3950ca55ea25e],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\diablo130302.cl, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\diakgcn121016.cl, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\libcurl-4.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\libeay32.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\libidn-11.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\librtmp.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\libssh2.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\mncdwffym.exe, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\phatk121016.cl, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\poclbm130302.cl, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\scrypt130511.cl, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\ssleay32.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\zlib1.dll, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncdwffym\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [d066c891bccf95a1af00003412f01ce4],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\diablo130302.cl, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\diakgcn121016.cl, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\libcurl-4.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\libeay32.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\libidn-11.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\librtmp.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\libssh2.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\mncnknedi.exe, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\phatk121016.cl, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\poclbm130302.cl, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\scrypt130511.cl, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\ssleay32.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\zlib1.dll, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncnknedi\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [251133262566d660dfd0b67e34ced62a],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\diablo130302.cl, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\diakgcn121016.cl, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\libcurl-4.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\libeay32.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\libidn-11.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\librtmp.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\libssh2.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\mncxmlegx.exe, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\phatk121016.cl, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\poclbm130302.cl, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\scrypt130511.cl, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\ssleay32.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\zlib1.dll, , [ef47a6b3dbb08da95c53b183f40ec43c],
Trojan.Agent.BCM, C:\Windows\inf\mncxmlegx\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [ef47a6b3dbb08da95c53b183f40ec43c],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\3u10iq0w.fa5.exe, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\3u10iq0w.fa5.exe.config, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\caMyciloP.dll, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\caMyciloP.exe, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\caMyciloP.exe.config, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\conf.config, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Config.xml, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Dentokix.dll, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Fase-Ity.dll, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Goldcom.bin, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Goldcom.bin.bck, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\LightCanphase.dll, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Physsing.dll, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\PrxCfg.xml, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Quolight.exe, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Quolight.exe.config, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\SanLamdom.bin, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Tantop.exe, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Tantop.exe.config, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Tindox.exe, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Tindox.exe.config, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Tonsing.bin, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\uninstall.exe, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Warm-Sing.bin, , [45f19bbecfbc56e030f0084b639f3fc1],
PUP.Optional.Linkury, C:\ProgramData\caMyciloPs\ff.HP, , [2a0c2f2a91fa96a0869bbd96b54d8b75],
PUP.Optional.Linkury, C:\ProgramData\caMyciloPs\ff.NT, , [2a0c2f2a91fa96a0869bbd96b54d8b75],
PUP.Optional.Linkury, C:\ProgramData\caMyciloPs\snp.sc, , [2a0c2f2a91fa96a0869bbd96b54d8b75],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\yWinManProy\updateconf, , [7cbaf5645e2da294598f570e768cbf41],
PUP.Optional.CateredToYou, C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0\temp, , [d3632f2aacdf80b64e9b3036be4440c0],
PUP.Optional.CateredToYou, C:\Program Files\Catered to You\7za.exe, , [26105ffa4d3ebd7914d75e08f50d867a],
PUP.Optional.CateredToYou, C:\Program Files\Catered to You\Extensions\{a9acaf1d-f7d1-436b-97cd-f861229d457e}.xpi, , [26105ffa4d3ebd7914d75e08f50d867a],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Viafreshs\ff.HP, , [ea4ccc8d1279082edf84b59a36ce9769],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Viafreshs\ff.NT, , [ea4ccc8d1279082edf84b59a36ce9769],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Viafreshs\snp.sc, , [ea4ccc8d1279082edf84b59a36ce9769],
PUP.Optional.Linkury.ShrtCln, C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.newtab.url", "C:\ProgramData\caMyciloPs\ff.NT");), ,[b87ea5b47615e55136d0c28ef90b53ad]
PUP.Optional.Linkury.ShrtCln, C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\prefs.js, Dobré: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Špatné: (browser.startup.homepage", "C:\ProgramData\caMyciloPs\ff.HP), ,[ae88acad4942d363b9f67ed884801be5]
PUP.Optional.FastStart, C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\prefs.js, Dobré: (), Špatné: (faststartff@gmail.com), ,[74c296c3404b310509ac7addfc088e72]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[jerabina]

Postupuj podle kroků, které ti napsal kolega +

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[elrodos]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

# AdwCleaner v5.014 - Logfile created 20/10/2015 at 22:17:41
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Doma - DOMA-PC
# Running from : C:\Users\Doma\Desktop\adwcleaner_5.014.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : cohci1394
[-] Service Deleted : Service Mgr CateredtoYou
[-] Service Deleted : Update Mgr CateredtoYou

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\OneSystemCare
[-] Folder Deleted : C:\Program Files\Controller
[-] Folder Deleted : C:\Program Files\Catered to You
[-] Folder Deleted : C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
[!] Folder Not Deleted : C:\Program Files\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
[-] Folder Deleted : C:\ProgramData\Application Hosting
[-] Folder Deleted : C:\ProgramData\caMyciloPs
[-] Folder Deleted : C:\ProgramData\camycilop
[-] Folder Deleted : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
[-] Folder Deleted : C:\ProgramData\yWinManProy
[!] Folder Not Deleted : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
[-] Folder Deleted : C:\Users\Doma\AppData\Local\UpdateAdmin

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\findit.xml
[-] File Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\user.js
[-] File Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\m78v8gr7.default\searchplugins\findit.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : UpdateAdmin

***** [ Registry ] *****

[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b90183ad-1cf4-4d7b-9461-b89083957547}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FBB037E4-1CB2-406C-ACCC-925BD5BC7FD7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b90183ad-1cf4-4d7b-9461-b89083957547}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\DownloadAdmin
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Catered to You
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
[!] Key Not Deleted : HKU\S-1-5-21-1777567604-985344441-3338332800-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKU\S-1-5-21-1777567604-985344441-3338332800-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6387 bytes] ##########

[elrodos]

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x86
Ran by Doma on Łt 20.10.2015 at 22:30:09,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] {20915d52-1148-4fc2-8788-129eeb5e27dd}Gw [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\Windows\Tasks\MQAOECY.job



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1777567604-985344441-3338332800-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F0C6D1DA-1EE3-4E5E-B764-B8A0972E2F3E}



~~~ Files

Successfully deleted: [File] C:\Users\Doma\AppData\Roaming\MQAOECY
Successfully deleted: [File] C:\Users\Doma\AppData\Roaming\MQAOECY.exe



~~~ Folders

Successfully deleted: [Folder] C:\Windows\System32\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\Doma\AppData\Roaming\mozilla\firefox\profiles\m78v8gr7.default\minidumps [18 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 20.10.2015 at 22:36:48,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[jaro3]

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.


Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ , v okně na pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.