Please check my log. They installed some junk here connected to the Seznam toolbar (Seznam lištička) and some YouTube Accelerator, which I cannot remove. Besides that, nothing but ads keep popping up in the browser, and Avast blocked some junk 4 times.
Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:01:02, on 20.9.2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\winki\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Users\winki\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
C:\GIGABYTE FORCE\GIGABYTE FORCE.exe
C:\Users\winki\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\winki\Downloads\HijackThis.exe
C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: 2657e500f3e90131a4e91fb939dcadf40061913 - {11111111-1111-1111-1111-110611191113} - (no file)
O2 - BHO: cb53b500f3e90131a6091fb939dcadf40061915 - {11111111-1111-1111-1111-110611191115} - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: YTAHelperBHO - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} - C:\ProgramData\YTAHelper\YTAHelper.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [GMouse] "C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE" /hide
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [CommandCenter] C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DF6D152E96ADA11FC2D4C23E6509846B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\winki\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = winki\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: TorntvDownloader.lnk = C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9212E87-1E19-4516-9E8A-C10A1D7C7B9C}: NameServer = 192.168.0.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
O23 - Service: MSISaveLoad_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
O23 - Service: MSIWMI_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
O23 - Service: YouTubeAcceleratorService - GOOBZO - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
--
End of file - 22090 bytes
Requesting a log check (Solved)
- memphisto
Re: Requesting a log check
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you do not need to use ATF.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the Save Logfile option and save the log to your desktop
- then click the Exit button; a message will appear, so choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Requesting a log check
AdwCleaner :
# AdwCleaner v3.310 - Report created 21/09/2014 at 11:18:25
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : winki - WINKI-PC
# Running from : C:\Users\winki\Desktop\adwcleaner_3.310.exe
# Option : Scan
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : IePluginServices
Service Found : YouTubeAcceleratorService
***** [ Files / Folders ] *****
File Found : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\winki\daemonprocess.txt
File Found : C:\Users\winki\Desktop\YouTube Accelerator.lnk
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\iWebar
Folder Found : C:\Program Files (x86)\iWebar
Folder Found : C:\Program Files (x86)\PodoWeb
Folder Found : C:\Program Files (x86)\Senses
Folder Found : C:\Program Files (x86)\YouTube Accelerator
Folder Found : C:\Program Files (x86)\YTAHelper
Folder Found : C:\ProgramData\AlawarWrapper
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\ProgramData\YTAHelper
Folder Found : C:\Users\Public\Documents\AlawarWrapper
Folder Found : C:\Users\Public\Documents\Goobzo
Folder Found : C:\Users\Public\Documents\YTAHelper
Folder Found : C:\Users\winki\AppData\Local\AlawarWrapper
Folder Found : C:\Users\winki\AppData\Local\globalUpdate
Folder Found : C:\Users\winki\AppData\Local\Mobogenie
Folder Found : C:\Users\winki\AppData\LocalLow\Goobzo
Folder Found : C:\Users\winki\AppData\Roaming\Babylon
Folder Found : C:\Users\winki\AppData\Roaming\dvdvideosoftiehelpers
Folder Found : C:\Users\winki\AppData\Roaming\OpenCandy
Folder Found : C:\Users\winki\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\winki\AppData\Roaming\Solvusoft
Folder Found : C:\Users\winki\Documents\Mobogenie
***** [ Scheduled Tasks ] *****
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : YTAHelper
Task Found : YTAUpdate_logon
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-1
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-11
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-2
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-4
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-5
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-6
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-7
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536 )
Shortcut Found : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536 )
Shortcut Found : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\iWebar
Key Found : HKCU\Software\AppDataLow\Software\iWebar
Key Found : HKCU\Software\AppDataLow\Software\Senses
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Goobzo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : HKCU\Software\SupHpUISoft
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\Goobzo
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\StartSearch
Key Found : [x64] HKCU\Software\SupHpUISoft
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Goobzo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\iWebar
Key Found : HKLM\SOFTWARE\iWebar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKLM\SOFTWARE\Senses
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SOFTWARE\Trymedia Systems
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
-\\ Mozilla Firefox v
-\\ Google Chrome v37.0.2062.120
[ File : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19848 octets] - [21/09/2014 11:18:25]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [19909 octets] ##########
Malwarebytes' Anti-Malware
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 21.9.2014
Scan Time: 11:24:55
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.21.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: winki
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329156
Time Elapsed: 3 min, 58 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 3
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, 1828, , [ba8c3cb4582301354017c5ebe21f23dd]
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, 2884, , [af97a74945367eb8e20dad8519e814ec]
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, 3008, , [0046b43cd5a62c0a3c0d8b27e9185ca4]
Modules: 2
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
Registry Keys: 78
Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [a6a0dc14c9b20036fa25da3806fd5aa6]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, ild, , [bc8a27c9c6b5a591942f7198996ac43c]
Registry Data: 11
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),,[91b517d97cff989eca49926a1be9b24e]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),,[ec5a747cb9c2d3630405d22ab74d06fa]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[4402b23e5c1f1125af58906ca3617b85]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[98aed719e09bb086b556679530d49a66]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[6bdb33bd5f1c94a24ed6ae59f0157b85]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),,[0343d31dc7b4989eb45f7d7fdf25de22]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),,[1b2b539d1269bf77d9307a829a6a9a66]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[6ed81bd56a1147ef3ccb3ac216eefc04]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[410520d02e4d072fa6657a82db299769]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[54f21ad623584bebea3ae324709532ce]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[c482846ca1da85b1da2e4ab20bf9da26]
Folders: 21
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [4105a0504338092de9689e4eee1425db],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [4105a0504338092de9689e4eee1425db],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{74979C8B-D3CC-4965-9532-F0FA0D992142}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, , [bc8a5a96d8a3fb3b7715916224de6898],
Files: 133
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, , [ba8c3cb4582301354017c5ebe21f23dd],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, , [af97a74945367eb8e20dad8519e814ec],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, , [0046b43cd5a62c0a3c0d8b27e9185ca4],
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [2a1c529ef08bf44221aed5dd8e737f81],
PUP.Optional.Senses.A, C:\Users\winki\AppData\Roaming\AVNUOK.exe, , [82c4fcf496e54de967e205adaa57639d],
PUP.Optional.Senses.A, C:\Users\winki\AppData\Roaming\SXMQIHM.exe, , [af97f6fa473443f398b1ebc7e02106fa],
PUP.Optional.Babylon.A, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E\DeltaTB.exe, , [4cfa8f61fa8178bed6d88195a859c53b],
PUP.Optional.Babylon.A, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF\DeltaTB.exe, , [75d1f8f8116ae35305a98c8a13ee9769],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.exe, , [72d4d020afcc5ed80b3ed8da986947b9],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.exe, , [6bdbc62accaf3afc1039545e24dd07f9],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.exe, , [72d47f71dc9fd165f6535c5605fcc838],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.exe, , [d670ee027407b5810c3d01b1758c0ef2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.exe, , [4006c52b14678da9f950b200bb4630d0],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-64.exe, , [1531fcf4374410262d1c30823fc2dc24],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7.exe, , [7fc714dc9be0f343f5544f63936e3ec2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bg.exe, , [f84e19d7d9a2a49212378a28de239c64],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho.dll, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho64.dll, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.exe, , [bb8b47a9c2b92c0af257b8fab34ed828],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.exe, , [1e287b759fdcdf576edb377b1ce51fe1],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-codedownloader.exe, , [3e08e40cb3c8b77f96b3931f2cd5629e],
PUP.Optional.crossRider.A, C:\Program Files (x86)\Senses\utils.exe, , [f551dc147dfe7abcc7536cd447b99868],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.exe, , [d076886880fb53e324cb959dff0245bb],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.exe, , [ae983eb2215a092d4da2b280eb168e72],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.exe, , [351104ec116afc3a37b8b28022df4cb4],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.exe, , [d3735799225945f1638c6bc713ee926e],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-64.exe, , [1234e20edf9c48ee13dc0c26a061b749],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.exe, , [024410e007746dc9bf30a78b3bc638c8],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bg.exe, , [3214856b86f564d2e60966cc9071f907],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho.dll, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho64.dll, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.exe, , [63e338b8c1ba58de648b7db59a6723dd],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.exe, , [fc4a1dd3116ad95db9362111a65b5da3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe, , [52f4d51bf08b4cea37b844ee3cc549b7],
PUP.Optional.crossRider.A, C:\Program Files (x86)\iWebar\utils.exe, , [7ec8e010a0dbc175d24858e8629e0df3],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installiwebar_26842\delay.exe, , [de68fbf5e497c2745ba238ba8480a060],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installiwebar_28379\delay.exe, , [f254856babd051e549b4648e877d24dc],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installiwebar_9942\delay.exe, , [66e0ef01e893df5744b9de14976dea16],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installsense_26842\delay.exe, , [7dc9db15b7c46ec86a93af4335cf43bd],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installsense_28379\delay.exe, , [242270803645be786c910ee4e61ec23e],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installsense_9942\delay.exe, , [4df969876516f34345b805ed30d4ef11],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installshopperpro_20467\delay.exe, , [96b028c87b0076c066976d85b252e61a],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installshopperpro_27875\delay.exe, , [da6c2dc3e893e94d3cc1d1210df7718f],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Local\SoftorinoUpdates\FolderColorizerUpdate.exe, , [d27498586c0f77bfb5fe2f9d758c6d93],
PUP.Optional.TornTV.A, C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk, , [d472ee02225941f53e1c0401bf443fc1],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\background.html, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\1293297481.mxaddon, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.crx, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.xpi, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\986d367a-9cde-4720-b210-f9f9d57f9143.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.crx, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\bgNova.html, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\f2e908be-d1af-4025-a933-a3db49a7fac8.crx, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses.ico, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Uninstall.exe, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1, , [281e9858e19a63d3dd3d7d95bd4606fa],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11, , [6adca848e596a78fde3c61b1f80b0bf5],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2, , [b492549cd7a4fd3953c762b08083c63a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3, , [0e38ae421c5f2d090b0fe42e56ad6799],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4, , [083e16dad8a3d2642cee977be81bfc04],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5, , [46006b85b5c61422ff1bad6523e0a15f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user, , [be889a5622598fa70515a27031d227d9],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6, , [aa9c836d354689ad9c7e7d955ca79c64],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7, , [b492d61ae4977eb80812789a18ebbc44],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1, , [5aec2bc5accf76c0f426c44efb08a060],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11, , [e95de7093c3f072f8c8e35dd5ea53bc5],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2, , [4ff74da37efdaa8c71a916fcff043dc3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4, , [e660faf6a4d7340222f8ea28bd46d22e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5, , [f25418d8c3b8033322f8c74b40c312ee],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user, , [1f2735bbd2a94ee80b0f5bb77e858779],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6, , [e16504eca4d78ea8ff1b2be74db6eb15],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7, , [f74f45aba6d5df573ae064ae020137c9],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [9aacaa4652291d190d97ea37fb08ed13],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [d5714aa6601b280e7034031e09fa7d83],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\background.html, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\1293297481.mxaddon, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\70fd7b54-b59f-49ab-b528-97c3a2dbaa40.crx, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\786848aa-11eb-45f8-8b05-56b156e3f960.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.crx, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.xpi, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\bgNova.html, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar.ico, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\Uninstall.exe, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1.job, , [90b65b95fe7db680336b4f219c68f907],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.job, , [4105fbf5e9925adc425c6a06a0643fc1],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.job, , [54f244ac6f0c0a2c514d492736ce9868],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.job, , [73d3a44c0b7031056539b0c0a36107f9],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.job, , [4bfb45ab52297bbb8b13d69a5da7d22e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.job, , [89bd559b08734bebc6d80e62857f5da3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user.job, , [e165c52b196294a2227c165a7f855ba5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.job, , [b393f9f7b8c3d0668f0f492762a2cc34],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7.job, , [88bee10f8eed60d6138b8de361a314ec],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1.job, , [9da9c32d56256ec805999ed2d92bae52],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.job, , [dc6a38b8cdae70c6a0fe4828fd0756aa],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.job, , [c18545abdd9ed4625f3fa1cf3ec69b65],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.job, , [5de911df28530a2cd2ccbcb40400a65a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.job, , [b294f4fc6a111026adf10d63a46026da],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user.job, , [083e5a96b3c8a690c6d8c9a7ff056d93],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.job, , [06403eb28eed8caaa7f79dd3996b53ad],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.job, , [ca7cad43bbc0b2849ffffc742ed643bd],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [222434bc4f2cbf77892b6b05a65e36ca],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [86c0a34dea917abc6a4bafc106fed22e],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [f551d020b1cafb3baa0c83ed16eefb05],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [0b3b8f617dfe70c6dadd4c249a6a8c74],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276\TuneUpUtilities2013-2200329_cs-CZ.exe, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE\TuneUpUtilities2013-2200329_cs-CZ.exe, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [4105a0504338092de9689e4eee1425db],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-41-630].log, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-43-235].log, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, , [bc8a5a96d8a3fb3b7715916224de6898],
Physical Sectors: 0
(No malicious items detected)
(end)

# AdwCleaner v3.310 - Report created 21/09/2014 at 11:18:25
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : winki - WINKI-PC
# Running from : C:\Users\winki\Desktop\adwcleaner_3.310.exe
# Option : Scan
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : IePluginServices
Service Found : YouTubeAcceleratorService
***** [ Files / Folders ] *****
File Found : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\winki\daemonprocess.txt
File Found : C:\Users\winki\Desktop\YouTube Accelerator.lnk
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\iWebar
Folder Found : C:\Program Files (x86)\iWebar
Folder Found : C:\Program Files (x86)\PodoWeb
Folder Found : C:\Program Files (x86)\Senses
Folder Found : C:\Program Files (x86)\YouTube Accelerator
Folder Found : C:\Program Files (x86)\YTAHelper
Folder Found : C:\ProgramData\AlawarWrapper
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\ProgramData\YTAHelper
Folder Found : C:\Users\Public\Documents\AlawarWrapper
Folder Found : C:\Users\Public\Documents\Goobzo
Folder Found : C:\Users\Public\Documents\YTAHelper
Folder Found : C:\Users\winki\AppData\Local\AlawarWrapper
Folder Found : C:\Users\winki\AppData\Local\globalUpdate
Folder Found : C:\Users\winki\AppData\Local\Mobogenie
Folder Found : C:\Users\winki\AppData\LocalLow\Goobzo
Folder Found : C:\Users\winki\AppData\Roaming\Babylon
Folder Found : C:\Users\winki\AppData\Roaming\dvdvideosoftiehelpers
Folder Found : C:\Users\winki\AppData\Roaming\OpenCandy
Folder Found : C:\Users\winki\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\winki\AppData\Roaming\Solvusoft
Folder Found : C:\Users\winki\Documents\Mobogenie
***** [ Scheduled Tasks ] *****
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : YTAHelper
Task Found : YTAUpdate_logon
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6
Task Found : 44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-1
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-11
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-2
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-4
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-5
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-6
Task Found : 8072a446-0201-4ff7-98a3-ad5df9c6ba67-7
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536 )
Shortcut Found : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536 )
Shortcut Found : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... 7653676536
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\iWebar
Key Found : HKCU\Software\AppDataLow\Software\iWebar
Key Found : HKCU\Software\AppDataLow\Software\Senses
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Goobzo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : HKCU\Software\SupHpUISoft
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\Goobzo
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\StartSearch
Key Found : [x64] HKCU\Software\SupHpUISoft
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192213}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192215}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195513}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196613}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194413}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194415}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Goobzo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\iWebar
Key Found : HKLM\SOFTWARE\iWebar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKLM\SOFTWARE\Senses
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SOFTWARE\Trymedia Systems
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192213}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192215}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195513}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196613}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... 7653676536
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}
-\\ Mozilla Firefox v
-\\ Google Chrome v37.0.2062.120
[ File : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19848 octets] - [21/09/2014 11:18:25]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [19909 octets] ##########
Malwarebytes' Anti-Malware
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 21.9.2014
Scan Time: 11:24:55
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.21.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: winki
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329156
Time Elapsed: 3 min, 58 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 3
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, 1828, , [ba8c3cb4582301354017c5ebe21f23dd]
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, 2884, , [af97a74945367eb8e20dad8519e814ec]
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, 3008, , [0046b43cd5a62c0a3c0d8b27e9185ca4]
Modules: 2
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
Registry Keys: 78
PUP.Optional.ELEX, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [ba8c3cb4582301354017c5ebe21f23dd],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\CLASSES\APPID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}, , [192d22cee497d85e33fd348f91719c64],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}, , [192d22cee497d85e33fd348f91719c64],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [fa4c45abaecde2541b13883b09f9966a],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [fa4c45abaecde2541b13883b09f9966a],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}, , [4303a54b205ba591a28d685b43bfaf51],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [7fc7f9f7572434024d62ff8f16ecb24e],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [7fc7f9f7572434024d62ff8f16ecb24e],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [7fc7f9f7572434024d62ff8f16ecb24e],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [7fc7f9f7572434024d62ff8f16ecb24e],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192215}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194415}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196615}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196615}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194415}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192215}, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192213}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194413}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195513}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196613}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195513}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196613}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194413}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox.1, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox.1, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192213}, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\CLASSES\APPID\WebCakeIEClient.DLL, , [db6b8070a1da63d3c706dd6c08fc38c8],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, , [3c0ad31d0a71013594b035f8976cce32],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, , [7cca25cbc4b7e05684c0220b59aae21e],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [2e1837b9c2b966d09fee5dfefa0a9769],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [76d0717fb9c282b43f47b15ae12201ff],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, , [d76f8c642d4e3ef8654fadaafd07eb15],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [2620d31d502bb68027d8afc010f4d42c],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, , [81c5ee022e4df640883cfb0e867d7c84],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\WebCakeIEClient.DLL, , [57efc42cdba04cea775614355da73ac6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [a6a0dc14c9b20036fa25da3806fd5aa6],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bicnnkjibmphdeigoodpjlcklcnaobdj, , [56f0a0505b203df90e711813b84b31cf],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, , [d6709d539fdcfb3b6c681a2f70949b65],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\20891, , [5fe7b0402a51ea4c20242eff3ec545bb],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, , [0d391dd37803a492ba8a1a134cb711ef],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [58ee17d90675f73fe2abbe9d18ec20e0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [e462c52bde9df244e73f720145bf7888],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [75d1cc24116a211555d2442f3ec63ec2],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [bc8a27c9c6b5a591942f7198996ac43c],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [ec5a846ccdae86b016e2cf658e75ba46],
PUP.Optional.GoPhotoIT.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheGoPhoto.it V10, , [cb7b01ef106b66d060ca155caa5aca36],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, , [83c300f00b7095a1838bf47d34d0a060],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [c87e45abf48772c458ea242d39cb936d],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, , [3f07faf69be0f54186faa467c0432ed2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [ca7cec04116a74c2b085a8bc82823bc5],
PUP.Optional.iWebar.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [0442f9f7bac13501639590a4996aa759],
PUP.Optional.Qone8, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [ee5829c7bdbe251108849bc0c73df10f],
PUP.Optional.Softonic.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [cb7b8c6498e371c512afe54355ae867a],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [4ff7b53bb2c9b77f356423cd7c86867a],
Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [a6a0dc14c9b20036fa25da3806fd5aa6]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, ild, , [bc8a27c9c6b5a591942f7198996ac43c]
Registry Data: 11
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),,[91b517d97cff989eca49926a1be9b24e]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),,[ec5a747cb9c2d3630405d22ab74d06fa]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[4402b23e5c1f1125af58906ca3617b85]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[98aed719e09bb086b556679530d49a66]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[6bdb33bd5f1c94a24ed6ae59f0157b85]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),,[0343d31dc7b4989eb45f7d7fdf25de22]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),,[1b2b539d1269bf77d9307a829a6a9a66]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[6ed81bd56a1147ef3ccb3ac216eefc04]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[410520d02e4d072fa6657a82db299769]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[54f21ad623584bebea3ae324709532ce]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),,[c482846ca1da85b1da2e4ab20bf9da26]
Folders: 21
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [4105a0504338092de9689e4eee1425db],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [4105a0504338092de9689e4eee1425db],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{74979C8B-D3CC-4965-9532-F0FA0D992142}, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, , [bc8a5a96d8a3fb3b7715916224de6898],
Files: 133
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, , [ba8c3cb4582301354017c5ebe21f23dd],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, , [af97a74945367eb8e20dad8519e814ec],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, , [0046b43cd5a62c0a3c0d8b27e9185ca4],
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [2a1c529ef08bf44221aed5dd8e737f81],
PUP.Optional.Senses.A, C:\Users\winki\AppData\Roaming\AVNUOK.exe, , [82c4fcf496e54de967e205adaa57639d],
PUP.Optional.Senses.A, C:\Users\winki\AppData\Roaming\SXMQIHM.exe, , [af97f6fa473443f398b1ebc7e02106fa],
PUP.Optional.Babylon.A, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E\DeltaTB.exe, , [4cfa8f61fa8178bed6d88195a859c53b],
PUP.Optional.Babylon.A, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF\DeltaTB.exe, , [75d1f8f8116ae35305a98c8a13ee9769],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.exe, , [72d4d020afcc5ed80b3ed8da986947b9],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.exe, , [6bdbc62accaf3afc1039545e24dd07f9],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.exe, , [72d47f71dc9fd165f6535c5605fcc838],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.exe, , [d670ee027407b5810c3d01b1758c0ef2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.exe, , [4006c52b14678da9f950b200bb4630d0],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-64.exe, , [1531fcf4374410262d1c30823fc2dc24],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7.exe, , [7fc714dc9be0f343f5544f63936e3ec2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bg.exe, , [f84e19d7d9a2a49212378a28de239c64],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho.dll, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho64.dll, , [82c46a8685f673c3f257664cee134eb2],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.exe, , [bb8b47a9c2b92c0af257b8fab34ed828],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.exe, , [1e287b759fdcdf576edb377b1ce51fe1],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-codedownloader.exe, , [3e08e40cb3c8b77f96b3931f2cd5629e],
PUP.Optional.crossRider.A, C:\Program Files (x86)\Senses\utils.exe, , [f551dc147dfe7abcc7536cd447b99868],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.exe, , [d076886880fb53e324cb959dff0245bb],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.exe, , [ae983eb2215a092d4da2b280eb168e72],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.exe, , [351104ec116afc3a37b8b28022df4cb4],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.exe, , [d3735799225945f1638c6bc713ee926e],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-64.exe, , [1234e20edf9c48ee13dc0c26a061b749],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.exe, , [024410e007746dc9bf30a78b3bc638c8],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bg.exe, , [3214856b86f564d2e60966cc9071f907],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho.dll, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho64.dll, , [90b6e20e06754aec77783ef4946da35d],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.exe, , [63e338b8c1ba58de648b7db59a6723dd],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.exe, , [fc4a1dd3116ad95db9362111a65b5da3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe, , [52f4d51bf08b4cea37b844ee3cc549b7],
PUP.Optional.crossRider.A, C:\Program Files (x86)\iWebar\utils.exe, , [7ec8e010a0dbc175d24858e8629e0df3],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installiwebar_26842\delay.exe, , [de68fbf5e497c2745ba238ba8480a060],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installiwebar_28379\delay.exe, , [f254856babd051e549b4648e877d24dc],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installiwebar_9942\delay.exe, , [66e0ef01e893df5744b9de14976dea16],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installsense_26842\delay.exe, , [7dc9db15b7c46ec86a93af4335cf43bd],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installsense_28379\delay.exe, , [242270803645be786c910ee4e61ec23e],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installsense_9942\delay.exe, , [4df969876516f34345b805ed30d4ef11],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installshopperpro_20467\delay.exe, , [96b028c87b0076c066976d85b252e61a],
PUP.Optional.GoobZo, C:\Users\winki\AppData\Local\Installer\Installshopperpro_27875\delay.exe, , [da6c2dc3e893e94d3cc1d1210df7718f],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Local\SoftorinoUpdates\FolderColorizerUpdate.exe, , [d27498586c0f77bfb5fe2f9d758c6d93],
PUP.Optional.TornTV.A, C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk, , [d472ee02225941f53e1c0401bf443fc1],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\background.html, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\1293297481.mxaddon, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.crx, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.xpi, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\986d367a-9cde-4720-b210-f9f9d57f9143.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.crx, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\bgNova.html, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\f2e908be-d1af-4025-a933-a3db49a7fac8.crx, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.dll, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses.ico, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Uninstall.exe, , [1d294ba5057680b60af73dcd956e817f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1, , [281e9858e19a63d3dd3d7d95bd4606fa],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11, , [6adca848e596a78fde3c61b1f80b0bf5],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2, , [b492549cd7a4fd3953c762b08083c63a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3, , [0e38ae421c5f2d090b0fe42e56ad6799],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4, , [083e16dad8a3d2642cee977be81bfc04],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5, , [46006b85b5c61422ff1bad6523e0a15f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user, , [be889a5622598fa70515a27031d227d9],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6, , [aa9c836d354689ad9c7e7d955ca79c64],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7, , [b492d61ae4977eb80812789a18ebbc44],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1, , [5aec2bc5accf76c0f426c44efb08a060],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11, , [e95de7093c3f072f8c8e35dd5ea53bc5],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2, , [4ff74da37efdaa8c71a916fcff043dc3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4, , [e660faf6a4d7340222f8ea28bd46d22e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5, , [f25418d8c3b8033322f8c74b40c312ee],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user, , [1f2735bbd2a94ee80b0f5bb77e858779],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6, , [e16504eca4d78ea8ff1b2be74db6eb15],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7, , [f74f45aba6d5df573ae064ae020137c9],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [9aacaa4652291d190d97ea37fb08ed13],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [d5714aa6601b280e7034031e09fa7d83],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll, , [0d3921cf09726accc0128dbc3acae719],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\background.html, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\1293297481.mxaddon, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\70fd7b54-b59f-49ab-b528-97c3a2dbaa40.crx, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\786848aa-11eb-45f8-8b05-56b156e3f960.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.crx, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.xpi, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\bgNova.html, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.dll, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar.ico, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\Uninstall.exe, , [e165eb05d3a87bbbf4be76e18a7ac040],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1.job, , [90b65b95fe7db680336b4f219c68f907],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.job, , [4105fbf5e9925adc425c6a06a0643fc1],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.job, , [54f244ac6f0c0a2c514d492736ce9868],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.job, , [73d3a44c0b7031056539b0c0a36107f9],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.job, , [4bfb45ab52297bbb8b13d69a5da7d22e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.job, , [89bd559b08734bebc6d80e62857f5da3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user.job, , [e165c52b196294a2227c165a7f855ba5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.job, , [b393f9f7b8c3d0668f0f492762a2cc34],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7.job, , [88bee10f8eed60d6138b8de361a314ec],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1.job, , [9da9c32d56256ec805999ed2d92bae52],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.job, , [dc6a38b8cdae70c6a0fe4828fd0756aa],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.job, , [c18545abdd9ed4625f3fa1cf3ec69b65],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.job, , [5de911df28530a2cd2ccbcb40400a65a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.job, , [b294f4fc6a111026adf10d63a46026da],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user.job, , [083e5a96b3c8a690c6d8c9a7ff056d93],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.job, , [06403eb28eed8caaa7f79dd3996b53ad],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.job, , [ca7cad43bbc0b2849ffffc742ed643bd],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [222434bc4f2cbf77892b6b05a65e36ca],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [86c0a34dea917abc6a4bafc106fed22e],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [f551d020b1cafb3baa0c83ed16eefb05],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [0b3b8f617dfe70c6dadd4c249a6a8c74],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276\TuneUpUtilities2013-2200329_cs-CZ.exe, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE\TuneUpUtilities2013-2200329_cs-CZ.exe, , [2d195d93a4d7ff37b3e67a5c9270c33d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [4105a0504338092de9689e4eee1425db],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-41-630].log, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-43-235].log, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [7fc7b040bdbe88aecbf63faf1fe302fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [4ff7b53bb2c9b77f356423cd7c86867a],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, , [bc8a5a96d8a3fb3b7715916224de6898],
Physical Sectors: 0
(No malicious items detected)
(end)
- Orcus
- member of the Security team
Re: Requesting a log check
Run MbAM again and click Scan Now.
When the program finishes, a prompt appears; click "Quarantine All" -> "Export Log" and choose "text file", give the file a name and save it to the Desktop.
Copy the entire contents of that log here.
====================================================
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program will perform the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt), paste its entire contents here.
====================================================
Download Junkware Removal Tool
to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. Scanning can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.
====================================================
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Requesting a log check
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 21.9.2014
Scan Time: 21:37:09
Logfile: Malwarebytes 2.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.21.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: winki
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 266484
Time Elapsed: 1 min, 17 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 3
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, 1828, Delete-on-Reboot, [bf8779779cdf7eb85ff8654ba65b926e]
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, 2884, Delete-on-Reboot, [172fbf3193e839fd0ee15bd737cad32d]
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, 3008, Delete-on-Reboot, [64e25f91f08bdc5a6ddca80a798817e9]
Modules: 2
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, Delete-on-Reboot, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, Delete-on-Reboot, [3115af4189f28bab337f4215a95b2dd3],
Registry Keys: 59
PUP.Optional.ELEX, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [bf8779779cdf7eb85ff8654ba65b926e],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192215}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194415}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196615}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196615}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194415}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192215}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192213}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194413}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195513}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196613}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195513}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196613}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194413}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox.1, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox.1, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192213}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\CLASSES\APPID\WebCakeIEClient.DLL, Quarantined, [a1a5c22eaecd2610319c6cddc143f60a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, Quarantined, [1a2c2ac659223402053f78b556add42c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [1e28b8389ae1f244f15352db05fe02fe],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [c482539d245791a53459e4777391926e],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, Quarantined, [8cba668ac8b38bab04827398fe05e917],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, Quarantined, [4bfb5799a3d8d6609b19d483bf456799],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [4600b23ede9d38fe99665c13fb09ca36],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, Quarantined, [af974ca4fe7db77f19ab8a7fb94abd43],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\WebCakeIEClient.DLL, Quarantined, [0343bf31413a9d99fbd2dc6d32d2e61a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [6fd79060adceb87efa25d24005fe07f9],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bicnnkjibmphdeigoodpjlcklcnaobdj, Quarantined, [4df97779f784e84ea2ddc76459aac23e],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, Quarantined, [82c49060e19acc6a05cf420733d11ee2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\20891, Quarantined, [ed5933bdbac125116cd8f7367b881fe1],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [a79fb43c4d2ec47297ad66c7e12243bd],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [3610747c55269e9888051f3cf70d27d9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [ce78e01015660135af77fc77a163956b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [301613ddfa812f0781a67bf88d77728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [6adcda16344778be477ca366719206fa],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [0640be32186363d3d32567cddc275fa1],
PUP.Optional.GoPhotoIT.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheGoPhoto.it V10, Quarantined, [d86ee40cbfbceb4be743373a50b49868],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, Quarantined, [91b5d31ddd9e999dc34b442d07fd28d8],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [d670e40c1764ac8a65ddcc85ea1a639d],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [ea5c5e92582366d0641c6ba0a95a956b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [ec5a4ca43942ca6c5cd97aeac53f8f71],
PUP.Optional.iWebar.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [50f62ac62b508bab8573e54fe81b26da],
PUP.Optional.Qone8, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [b98dd51be695f640fa9271ea768e50b0],
PUP.Optional.Softonic.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [58eee808364557df60618f99986bb24e],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [6fd79060adceb87efa25d24005fe07f9]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, ild, Quarantined, [6adcda16344778be477ca366719206fa]
Registry Data: 11
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),Replaced,[0c3a49a7a5d66accc94a27d530d456aa]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),Replaced,[64e2a749dba0132336d3fb01b450ac54]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[ff47b9375c1f3ef88f78d92348bc15eb]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[91b52ec21269e84e74972ece23e1f40c]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[b49214dc601b73c361c3fa0d01043bc5]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),Replaced,[72d4c828097265d1858e30cc669ef808]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),Replaced,[63e3a8489be00b2bec1d7884e321f907]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[fd49f6fab3c8cd69a760cc301ee609f7]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[ea5c569a403b270f42c96f8d16eef907]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[3e085d9374071e185ec6f3140401f808]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[51f525cb0774e55156b2827a38cc11ef]
Folders: 21
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses, Delete-on-Reboot, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar, Delete-on-Reboot, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Delete-on-Reboot, [79cd5f91aad145f1ca879c50639f06fa],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [79cd5f91aad145f1ca879c50639f06fa],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{74979C8B-D3CC-4965-9532-F0FA0D992142}, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, Quarantined, [ae98a0507a014beb6329896a669cf60a],
Files: 114
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, Delete-on-Reboot, [bf8779779cdf7eb85ff8654ba65b926e],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, Delete-on-Reboot, [172fbf3193e839fd0ee15bd737cad32d],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, Delete-on-Reboot, [64e25f91f08bdc5a6ddca80a798817e9],
PUP.Optional.TornTV.A, C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk, Quarantined, [31153eb216655ed867f38b7a7093c63a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\background.html, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\1293297481.mxaddon, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.crx, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.xpi, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\986d367a-9cde-4720-b210-f9f9d57f9143.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.crx, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, Delete-on-Reboot, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\bgNova.html, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\f2e908be-d1af-4025-a933-a3db49a7fac8.crx, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bg.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho64.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-codedownloader.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses.ico, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Uninstall.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\utils.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1, Quarantined, [eb5b29c7c5b6da5c78a259b9b64dea16],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11, Quarantined, [1f2732bebac1053169b143cf16ed748c],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2, Quarantined, [f35345abc5b6cc6a4fcbac6615ee58a8],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3, Quarantined, [96b0945cdc9f62d478a247cb62a132ce],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4, Quarantined, [3214747ccface650a773739f25de25db],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5, Quarantined, [083edd133a4160d616047c963dc632ce],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user, Quarantined, [7dc988684e2d280e0911af63f90a15eb],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6, Quarantined, [a89ef000c6b5f640c3571af88380f60a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7, Quarantined, [3e08a34d3546f2448f8b48ca10f3768a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1, Quarantined, [d076f4fcee8df6401802e1311ae9857b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11, Quarantined, [ee58965a55261026ce4c49c9cd3625db],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2, Quarantined, [d571a44c73080036fe1cd43ecc372dd3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4, Quarantined, [380eee0244370a2ca6742de53fc424dc],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5, Quarantined, [2620807098e3a78fc456bd5514ef43bd],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user, Quarantined, [8eb87b75bfbc50e6d248c34fd03326da],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6, Quarantined, [b5916789ec8fe0564ecc3ed443c03ac6],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7, Quarantined, [56f09858dc9fc373db3f749e15eebf41],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [b591569ab2c9f44200a41110e51e8779],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Delete-on-Reboot, [0046915fa0db37ff3a6a4ed3d13227d9],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\background.html, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\1293297481.mxaddon, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\70fd7b54-b59f-49ab-b528-97c3a2dbaa40.crx, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\786848aa-11eb-45f8-8b05-56b156e3f960.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-64.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.crx, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.xpi, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\bgNova.html, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, Delete-on-Reboot, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bg.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho64.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar.ico, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\Uninstall.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\utils.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1.job, Quarantined, [da6c6789f784ce682b739cd41fe5c63a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.job, Quarantined, [a89e07e9502bac8a712dea8627dd966a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.job, Quarantined, [81c56a86cdaef2440c92df91ac580cf4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.job, Quarantined, [ed592dc3ec8ff442cdd1cfa1ed17f60a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.job, Quarantined, [98aeaf418bf037ff247a125ed82c09f7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.job, Quarantined, [f94d1ad67efd73c3a7f771ff56ae3ec2],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user.job, Quarantined, [61e546aa1a6187affea0d29e39cb16ea],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.job, Quarantined, [ef575b95e19aa591148ad59b000423dd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7.job, Quarantined, [9babd917daa15ed8f2aca8c832d2b64a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1.job, Quarantined, [c680cf21de9d61d5bfdf244cfb0939c7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.job, Quarantined, [e363628e394288ae4a54da9623e1de22],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.job, Quarantined, [49fd8868df9cd6609d0179f7a65e619f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.job, Quarantined, [aa9cfdf395e613236935412f35cf42be],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.job, Quarantined, [1a2cce22c8b312242975561ae91bb050],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user.job, Quarantined, [be883cb4c7b493a3cad4d49c10f42ed2],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.job, Quarantined, [93b319d7b7c49c9af4aab8b810f423dd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.job, Quarantined, [172f26cab0cba0965846cca4da2ad030],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [c68037b9b9c2f73f4b69b8b8758f5ea2],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [a2a40ee2c9b22b0b5e57ec8461a3e21e],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [70d670802e4dd75f20966d03699b926e],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [88be9a56dd9e79bdbafdbdb3bf4505fb],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E\DeltaTB.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276\TuneUpUtilities2013-2200329_cs-CZ.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE\TuneUpUtilities2013-2200329_cs-CZ.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF\DeltaTB.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Quarantined, [79cd5f91aad145f1ca879c50639f06fa],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-41-630].log, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-43-235].log, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, Quarantined, [ae98a0507a014beb6329896a669cf60a],
Physical Sectors: 0
(No malicious items detected)
(end)
------------------------------------------------------------------------------------------------------
# AdwCleaner v3.310 - Report created 21/09/2014 at 21:43:09
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : winki - WINKI-PC
# Running from : C:\Users\winki\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : YouTubeAcceleratorService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\YTAHelper
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iWebar
Folder Deleted : C:\Program Files (x86)\PodoWeb
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\YTAHelper
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
Folder Deleted : C:\Users\winki\AppData\Local\globalUpdate
Folder Deleted : C:\Users\winki\AppData\Local\Mobogenie
Folder Deleted : C:\Users\winki\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\winki\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\winki\AppData\Roaming\Babylon
Folder Deleted : C:\Users\winki\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\winki\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\winki\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\winki\Documents\Mobogenie
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\winki\daemonprocess.txt
File Deleted : C:\Users\winki\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : YTAHelper
Task Deleted : YTAUpdate_logon
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk
Shortcut Disinfected : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v
-\\ Google Chrome v37.0.2062.120
[ File : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.vidohe.com/video-search-results.php?q={searchTerms}&cx=005536796155304041479%3Ahbixpuuu7l8&cof=FORID%3A11&from=os-family
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1QzutDtDtByCtAyB0B0DtAzyyEtByByB0F0AtN0D0Tzu0CyDtByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=631647058&ir=
*************************
AdwCleaner[R0].txt - [20166 octets] - [21/09/2014 11:18:25]
AdwCleaner[R1].txt - [14348 octets] - [21/09/2014 21:42:33]
AdwCleaner[S0].txt - [14077 octets] - [21/09/2014 21:43:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14138 octets] ##########
--------------------------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Professional x64
Ran by winki on ne 21.09.2014 at 21:46:12,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191113}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 21.09.2014 at 21:54:05,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------------------------------------------------------------------------------------------------------
RogueKiller V9.2.11.0 (x64) [Sep 9 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : winki [Práva správce]
Mód : Kontrola -- Datum : 09/21/2014 21:59:28
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 23 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO (\??\C:\Users\winki\AppData\Local\Temp\ALSysIO64.sys) -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\Users\winki\AppData\Local\Temp\ALSysIO64.sys) -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO (\??\C:\Users\winki\AppData\Local\Temp\ALSysIO64.sys) -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NALEZENO
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NALEZENO
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> NALEZENO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> NALEZENO
¤¤¤ naplánované úlohy : 5 ¤¤¤
[Suspicious.Path] AVNUOK.job -- C:\Users\winki\AppData\Roaming\AVNUOK.exe (/infocmdline=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) -> NALEZENO
[Suspicious.Path] SXMQIHM.job -- C:\Users\winki\AppData\Roaming\SXMQIHM.exe (/infocmdline=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) -> NALEZENO
[Suspicious.Path] \\AVNUOK -- C:\Users\winki\AppData\Roaming\AVNUOK.exe (/infocmdline=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) -> NALEZENO
[Suspicious.Path] \\Installer_shopperpro -- C:\Users\winki\AppData\Local\Installer\Installshopperpro_20467\delay.exe (/S /SCHEDULE /MAG=smtycdelay /pn=shopperpro /pixGuid=1d35ee98-a89f-4f7b-b89e-da48cdf8a01f /sub=) -> NALEZENO
[Suspicious.Path] \\SXMQIHM -- C:\Users\winki\AppData\Roaming\SXMQIHM.exe (/infocmdline=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) -> NALEZENO
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 1 (Driver: NAHRÁNO) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\DRIVERS\dtsoftbus01.sys)
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] d7c8f43337ddd236fcb5c4771348b352
[BSP] 3468990b40b9d8173e27cdc3d4912bf0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 80000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 163842048 | Size: 150000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 471042048 | Size: 1677726 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] ab2903e97e3d9916fb74b0995612a4c2
[BSP] d8fd4a74a38250dd9e18a2e0fb852f23 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 122103 MB
1 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 250067007 | Size: 0 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: +++++
--- User ---
[MBR] 852b14d11863fd0dfc8ca36ce7990cbc
[BSP] c86e944439d366381f288801936a67d6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 953868 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] Zařízení není připraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Požadavek není podporován. )
www.malwarebytes.org
Scan Date: 21.9.2014
Scan Time: 21:37:09
Logfile: Malwarebytes 2.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.21.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: winki
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 266484
Time Elapsed: 1 min, 17 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 3
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, 1828, Delete-on-Reboot, [bf8779779cdf7eb85ff8654ba65b926e]
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, 2884, Delete-on-Reboot, [172fbf3193e839fd0ee15bd737cad32d]
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, 3008, Delete-on-Reboot, [64e25f91f08bdc5a6ddca80a798817e9]
Modules: 2
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, Delete-on-Reboot, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, Delete-on-Reboot, [3115af4189f28bab337f4215a95b2dd3],
Registry Keys: 59
PUP.Optional.ELEX, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [bf8779779cdf7eb85ff8654ba65b926e],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192215}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194415}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196615}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196615}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194415}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192215}, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192213}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194413}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195513}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196613}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195513}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666196613}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644194413}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox.1, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\2657e500f3e90131a4e91fb939dcadf40061913.Sandbox.1, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622192213}, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\CLASSES\APPID\WebCakeIEClient.DLL, Quarantined, [a1a5c22eaecd2610319c6cddc143f60a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, Quarantined, [1a2c2ac659223402053f78b556add42c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [1e28b8389ae1f244f15352db05fe02fe],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [c482539d245791a53459e4777391926e],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, Quarantined, [8cba668ac8b38bab04827398fe05e917],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, Quarantined, [4bfb5799a3d8d6609b19d483bf456799],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [4600b23ede9d38fe99665c13fb09ca36],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, Quarantined, [af974ca4fe7db77f19ab8a7fb94abd43],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\WebCakeIEClient.DLL, Quarantined, [0343bf31413a9d99fbd2dc6d32d2e61a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [6fd79060adceb87efa25d24005fe07f9],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bicnnkjibmphdeigoodpjlcklcnaobdj, Quarantined, [4df97779f784e84ea2ddc76459aac23e],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, Quarantined, [82c49060e19acc6a05cf420733d11ee2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\20891, Quarantined, [ed5933bdbac125116cd8f7367b881fe1],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [a79fb43c4d2ec47297ad66c7e12243bd],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [3610747c55269e9888051f3cf70d27d9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [ce78e01015660135af77fc77a163956b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [301613ddfa812f0781a67bf88d77728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [6adcda16344778be477ca366719206fa],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [0640be32186363d3d32567cddc275fa1],
PUP.Optional.GoPhotoIT.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheGoPhoto.it V10, Quarantined, [d86ee40cbfbceb4be743373a50b49868],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, Quarantined, [91b5d31ddd9e999dc34b442d07fd28d8],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [d670e40c1764ac8a65ddcc85ea1a639d],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [ea5c5e92582366d0641c6ba0a95a956b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [ec5a4ca43942ca6c5cd97aeac53f8f71],
PUP.Optional.iWebar.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [50f62ac62b508bab8573e54fe81b26da],
PUP.Optional.Qone8, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [b98dd51be695f640fa9271ea768e50b0],
PUP.Optional.Softonic.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [58eee808364557df60618f99986bb24e],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [6fd79060adceb87efa25d24005fe07f9]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, ild, Quarantined, [6adcda16344778be477ca366719206fa]
Registry Data: 11
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),Replaced,[0c3a49a7a5d66accc94a27d530d456aa]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),Replaced,[64e2a749dba0132336d3fb01b450ac54]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[ff47b9375c1f3ef88f78d92348bc15eb]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[91b52ec21269e84e74972ece23e1f40c]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[b49214dc601b73c361c3fa0d01043bc5]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 7653676536),Replaced,[72d4c828097265d1858e30cc669ef808]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... 3676536&q={searchTerms}),Replaced,[63e3a8489be00b2bec1d7884e321f907]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[fd49f6fab3c8cd69a760cc301ee609f7]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[ea5c569a403b270f42c96f8d16eef907]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[3e085d9374071e185ec6f3140401f808]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-4186332502-561800029-4199212318-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536, Good: (www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... 7653676536),Replaced,[51f525cb0774e55156b2827a38cc11ef]
Folders: 21
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses, Delete-on-Reboot, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar, Delete-on-Reboot, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Delete-on-Reboot, [79cd5f91aad145f1ca879c50639f06fa],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [79cd5f91aad145f1ca879c50639f06fa],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{74979C8B-D3CC-4965-9532-F0FA0D992142}, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, Quarantined, [ae98a0507a014beb6329896a669cf60a],
Files: 114
PUP.Optional.ELEX, C:\ProgramData\IePluginServices\PluginService.exe, Delete-on-Reboot, [bf8779779cdf7eb85ff8654ba65b926e],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.exe, Delete-on-Reboot, [172fbf3193e839fd0ee15bd737cad32d],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.exe, Delete-on-Reboot, [64e25f91f08bdc5a6ddca80a798817e9],
PUP.Optional.TornTV.A, C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk, Quarantined, [31153eb216655ed867f38b7a7093c63a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\background.html, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\1293297481.mxaddon, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.crx, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61.xpi, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\986d367a-9cde-4720-b210-f9f9d57f9143.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.crx, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\aafdcf46-e560-473c-9dd0-794c2f511d65.dll, Delete-on-Reboot, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\bgNova.html, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\f2e908be-d1af-4025-a933-a3db49a7fac8.crx, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bg.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-bho64.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.dll, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-buttonutil64.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses-codedownloader.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Senses.ico, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\Uninstall.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.Senses.A, C:\Program Files (x86)\Senses\utils.exe, Quarantined, [9aac26cab1ca56e0f50c18f2e61de61a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1, Quarantined, [eb5b29c7c5b6da5c78a259b9b64dea16],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11, Quarantined, [1f2732bebac1053169b143cf16ed748c],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2, Quarantined, [f35345abc5b6cc6a4fcbac6615ee58a8],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3, Quarantined, [96b0945cdc9f62d478a247cb62a132ce],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4, Quarantined, [3214747ccface650a773739f25de25db],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5, Quarantined, [083edd133a4160d616047c963dc632ce],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user, Quarantined, [7dc988684e2d280e0911af63f90a15eb],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6, Quarantined, [a89ef000c6b5f640c3571af88380f60a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7, Quarantined, [3e08a34d3546f2448f8b48ca10f3768a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1, Quarantined, [d076f4fcee8df6401802e1311ae9857b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11, Quarantined, [ee58965a55261026ce4c49c9cd3625db],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2, Quarantined, [d571a44c73080036fe1cd43ecc372dd3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4, Quarantined, [380eee0244370a2ca6742de53fc424dc],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5, Quarantined, [2620807098e3a78fc456bd5514ef43bd],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user, Quarantined, [8eb87b75bfbc50e6d248c34fd03326da],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6, Quarantined, [b5916789ec8fe0564ecc3ed443c03ac6],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7, Quarantined, [56f09858dc9fc373db3f749e15eebf41],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [b591569ab2c9f44200a41110e51e8779],
PUP.Optional.Superfish.A, C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Delete-on-Reboot, [0046915fa0db37ff3a6a4ed3d13227d9],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll, Quarantined, [43037b75a9d2b6804d8565e464a05ea2],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\background.html, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\1293297481.mxaddon, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\70fd7b54-b59f-49ab-b528-97c3a2dbaa40.crx, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\786848aa-11eb-45f8-8b05-56b156e3f960.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-64.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.crx, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\8072a446-0201-4ff7-98a3-ad5df9c6ba67.xpi, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\bgNova.html, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\eb380ed8-8328-4b56-93a1-30c2ad4b7e5f.dll, Delete-on-Reboot, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bg.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-bho64.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.dll, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-buttonutil64.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\iWebar.ico, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\Uninstall.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.iWebar.A, C:\Program Files (x86)\iWebar\utils.exe, Quarantined, [3115af4189f28bab337f4215a95b2dd3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1.job, Quarantined, [da6c6789f784ce682b739cd41fe5c63a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.job, Quarantined, [a89e07e9502bac8a712dea8627dd966a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.job, Quarantined, [81c56a86cdaef2440c92df91ac580cf4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.job, Quarantined, [ed592dc3ec8ff442cdd1cfa1ed17f60a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.job, Quarantined, [98aeaf418bf037ff247a125ed82c09f7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.job, Quarantined, [f94d1ad67efd73c3a7f771ff56ae3ec2],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user.job, Quarantined, [61e546aa1a6187affea0d29e39cb16ea],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-6.job, Quarantined, [ef575b95e19aa591148ad59b000423dd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-7.job, Quarantined, [9babd917daa15ed8f2aca8c832d2b64a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-1.job, Quarantined, [c680cf21de9d61d5bfdf244cfb0939c7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.job, Quarantined, [e363628e394288ae4a54da9623e1de22],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-2.job, Quarantined, [49fd8868df9cd6609d0179f7a65e619f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.job, Quarantined, [aa9cfdf395e613236935412f35cf42be],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5.job, Quarantined, [1a2cce22c8b312242975561ae91bb050],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-5_user.job, Quarantined, [be883cb4c7b493a3cad4d49c10f42ed2],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-6.job, Quarantined, [93b319d7b7c49c9af4aab8b810f423dd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8072a446-0201-4ff7-98a3-ad5df9c6ba67-7.job, Quarantined, [172f26cab0cba0965846cca4da2ad030],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [c68037b9b9c2f73f4b69b8b8758f5ea2],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [a2a40ee2c9b22b0b5e57ec8461a3e21e],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [70d670802e4dd75f20966d03699b926e],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [88be9a56dd9e79bdbafdbdb3bf4505fb],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\4D259D83AA9E432AA09388C243E6902E\DeltaTB.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\830168326680426EBC1D1A1FE6710276\TuneUpUtilities2013-2200329_cs-CZ.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\95021CE8C4124BAD8923C36E35AB25AE\TuneUpUtilities2013-2200329_cs-CZ.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.OpenCandy, C:\Users\winki\AppData\Roaming\OpenCandy\BAA4FF4C36D14A6AA504F076C9575AFF\DeltaTB.exe, Quarantined, [ba8cfaf6f685cf671485983e1de51ae6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Quarantined, [79cd5f91aad145f1ca879c50639f06fa],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-41-630].log, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-10[10-25-43-235].log, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [4bfba0504536290d853ce40ab74b619f],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [aa9c38b8a5d654e2c0d93cb43dc57888],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, Quarantined, [ae98a0507a014beb6329896a669cf60a],
Physical Sectors: 0
(No malicious items detected)
(end)
------------------------------------------------------------------------------------------------------
# AdwCleaner v3.310 - Report created 21/09/2014 at 21:43:09
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : winki - WINKI-PC
# Running from : C:\Users\winki\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : YouTubeAcceleratorService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\YTAHelper
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iWebar
Folder Deleted : C:\Program Files (x86)\PodoWeb
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\YTAHelper
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
Folder Deleted : C:\Users\winki\AppData\Local\globalUpdate
Folder Deleted : C:\Users\winki\AppData\Local\Mobogenie
Folder Deleted : C:\Users\winki\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\winki\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\winki\AppData\Roaming\Babylon
Folder Deleted : C:\Users\winki\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\winki\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\winki\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\winki\Documents\Mobogenie
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\winki\daemonprocess.txt
File Deleted : C:\Users\winki\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : YTAHelper
Task Deleted : YTAUpdate_logon
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk
Shortcut Disinfected : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\winki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v
-\\ Google Chrome v37.0.2062.120
[ File : C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.vidohe.com/video-search-results.php?q={searchTerms}&cx=005536796155304041479%3Ahbixpuuu7l8&cof=FORID%3A11&from=os-family
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1QzutDtDtByCtAyB0B0DtAzyyEtByByB0F0AtN0D0Tzu0CyDtByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=631647058&ir=
*************************
AdwCleaner[R0].txt - [20166 octets] - [21/09/2014 11:18:25]
AdwCleaner[R1].txt - [14348 octets] - [21/09/2014 21:42:33]
AdwCleaner[S0].txt - [14077 octets] - [21/09/2014 21:43:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14138 octets] ##########
--------------------------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Professional x64
Ran by winki on ne 21.09.2014 at 21:46:12,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191113}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 21.09.2014 at 21:54:05,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------------------------------------------------------------------------------------------------------
RogueKiller V9.2.11.0 (x64) [Sep 9 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : winki [Práva správce]
Mód : Kontrola -- Datum : 09/21/2014 21:59:28
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 23 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO (\??\C:\Users\winki\AppData\Local\Temp\ALSysIO64.sys) -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\Users\winki\AppData\Local\Temp\ALSysIO64.sys) -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO (\??\C:\Users\winki\AppData\Local\Temp\ALSysIO64.sys) -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NALEZENO
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NALEZENO
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> NALEZENO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> NALEZENO
¤¤¤ naplánované úlohy : 5 ¤¤¤
[Suspicious.Path] AVNUOK.job -- C:\Users\winki\AppData\Roaming\AVNUOK.exe (/infocmdline=[encoded data removed]) -> NALEZENO
[Suspicious.Path] SXMQIHM.job -- C:\Users\winki\AppData\Roaming\SXMQIHM.exe (/infocmdline=[encoded data removed]) -> NALEZENO
[Suspicious.Path] \\AVNUOK -- C:\Users\winki\AppData\Roaming\AVNUOK.exe (/infocmdline=[encoded data removed]) -> NALEZENO
[Suspicious.Path] \\Installer_shopperpro -- C:\Users\winki\AppData\Local\Installer\Installshopperpro_20467\delay.exe (/S /SCHEDULE /MAG=smtycdelay /pn=shopperpro /pixGuid=1d35ee98-a89f-4f7b-b89e-da48cdf8a01f /sub=) -> NALEZENO
[Suspicious.Path] \\SXMQIHM -- C:\Users\winki\AppData\Roaming\SXMQIHM.exe (/infocmdline=[encoded data removed]) -> NALEZENO
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 1 (Driver: NAHRÁNO) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\DRIVERS\dtsoftbus01.sys)
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] d7c8f43337ddd236fcb5c4771348b352
[BSP] 3468990b40b9d8173e27cdc3d4912bf0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 80000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 163842048 | Size: 150000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 471042048 | Size: 1677726 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] ab2903e97e3d9916fb74b0995612a4c2
[BSP] d8fd4a74a38250dd9e18a2e0fb852f23 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 122103 MB
1 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 250067007 | Size: 0 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: +++++
--- User ---
[MBR] 852b14d11863fd0dfc8ca36ce7990cbc
[BSP] c86e944439d366381f288801936a67d6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 953868 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] Zařízení není připraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Požadavek není podporován. )
- jaro3
- member of the Security team
Re: Requesting a log check
Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Then click "Prohledat" (Scan); when it finishes:
- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check the boxes)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Download Zoek.exe and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:
Code:
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Requesting a log check
RogueKiller V9.2.11.0 (x64) [Sep 9 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : winki [Práva správce]
Mód : Odebrat -- Datum : 09/22/2014 18:52:26
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 23 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x] -> VYMAZÁNO
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x] -> VYMAZÁNO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\winki\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> ERROR [2]
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\winki\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO -> VYMAZÁNO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO -> VYMAZÁNO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NAHRAZENO (1)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NAHRAZENO (1)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NAHRAZENO (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NAHRAZENO (2)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NAHRAZENO (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NAHRAZENO (1)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
¤¤¤ naplánované úlohy : 5 ¤¤¤
[Suspicious.Path] AVNUOK.job -- C:\Users\winki\AppData\Roaming\AVNUOK.exe (/infocmdline=…) -> VYMAZÁNO
[Suspicious.Path] SXMQIHM.job -- C:\Users\winki\AppData\Roaming\SXMQIHM.exe (/infocmdline=…) -> VYMAZÁNO
[Suspicious.Path] \\AVNUOK -- C:\Users\winki\AppData\Roaming\AVNUOK.exe (/infocmdline=…) -> VYMAZÁNO
[Suspicious.Path] \\Installer_shopperpro -- C:\Users\winki\AppData\Local\Installer\Installshopperpro_20467\delay.exe (/S /SCHEDULE /MAG=smtycdelay /pn=shopperpro /pixGuid=1d35ee98-a89f-4f7b-b89e-da48cdf8a01f /sub=) -> VYMAZÁNO
[Suspicious.Path] \\SXMQIHM -- C:\Users\winki\AppData\Roaming\SXMQIHM.exe (/infocmdline=…) -> VYMAZÁNO
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 1 (Driver: NAHRÁNO) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\DRIVERS\dtsoftbus01.sys)
¤¤¤ Webové prohlížeče : 11 ¤¤¤
[CHROME:Addon] Default : Google Docs [aohghmighlieiainnegkcijnfilokake] -> VYMAZÁNO
[CHROME:Addon] Default : Google Drive [apdfllckaahabafndbhieahigkjlhalf] -> ERROR [2]
[CHROME:Addon] Default : YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo] -> ERROR [2]
[CHROME:Addon] Default : Google Search [coobgpohoikkiipiblmjeljniedjpjpf] -> ERROR [2]
[CHROME:Addon] Default : Chrome Remote Desktop [gbchcmhmhahfdphkhkmpfmihenigjmpp] -> ERROR [2]
[CHROME:Addon] Default : avast! Online Security [gomekmidlodglbbmalcneegieacbdmki] -> ERROR [2]
[CHROME:Addon] Default : Google Play [komhbcfkdcgmcdoenjcjheifdiabikfi] -> ERROR [2]
[CHROME:Addon] Default : Google Maps [lneaknkopdijkpnocmklfnjbeapigfbh] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
[CHROME:Addon] Default : Google Chrome to Phone Extension [oadboiipflhobonjjffjbfekfjcgkhco] -> ERROR [2]
[CHROME:Addon] Default : Gmail [pjkljhegncpnkpknbcohdijeoejaedia] -> ERROR [2]
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD20EZRX-00DC0B0 ATA Device +++++
--- User ---
[MBR] d7c8f43337ddd236fcb5c4771348b352
[BSP] 3468990b40b9d8173e27cdc3d4912bf0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 80000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 163842048 | Size: 150000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 471042048 | Size: 1677726 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] ab2903e97e3d9916fb74b0995612a4c2
[BSP] d8fd4a74a38250dd9e18a2e0fb852f23 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 122103 MB
1 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 250067007 | Size: 0 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: +++++
--- User ---
[MBR] 852b14d11863fd0dfc8ca36ce7990cbc
[BSP] c86e944439d366381f288801936a67d6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 953868 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_09212014_215928.log - RKreport_SCN_09222014_184841.log
-------------------------------------------------------------------------------------------------------------------
Zoek.exe v5.0.0.0 Updated 21-09-2014
Tool run by winki on po 22.09.2014 at 18:55:09,76.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\winki\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
22.9.2014 18:55:40 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4186332502-561800029-4199212318-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191113} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\splashtopremoteservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\splashtopremoteservice deleted successfully
==== Deleting Files \ Folders ======================
C:\Users\winki\.android deleted
C:\PROGRA~2\Alawarhry.cz deleted
C:\PROGRA~2\Maxiget deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Splashtop deleted
C:\Users\winki\AppData\Roaming\AlawarEntertainment deleted
C:\PROGRA~3\Splashtop deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\winki\AppData\Local\Maxiget deleted
C:\Users\winki\AppData\Local\cache deleted
C:\Users\winki\AppData\Local\Installer deleted
C:\Users\winki\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\windows\SysNative\Tasks\YTAUpdate deleted
C:\Windows\SysWOW64\AniGIF.ocx deleted
"C:\Users\winki\AppData\Roaming\AVNUOK" deleted
"C:\Users\winki\AppData\Roaming\SXMQIHM" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20.09.2014 20:48]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[10.09.2014 20:46]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]
==== Chromium Fix ======================
C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\winki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3775 folders=333 1070991056 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\winki\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\winki\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on po 22.09.2014 at 19:02:56,04 ======================
- jaro3
- Security team member
- Guru Level 15
- Posts: 43287
- Registered: June 07
- Location: South Bohemia
Re: Request for a log check
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Request for a log check
Probably fine, except that these errors pop up in Premiere and After Effects; I don't know whether it's caused by this fix or by something else -

and Microsoft Visual C++ Runtime Library
R6034
- jaro3
Re: Request for a log check
I don't see the image; post it as an attachment.
Disable the resident protection of your antivirus and antispyware, and possibly the firewall.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- After the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: After running ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Re: Request for a log check
That image is probably no longer relevant, only that library and "LoadLibraryEx Startup.ddl failed with error 193:" in Adobe Premiere (unless it's something known)
I'm sending a screenshot, and I'd like to ask how risky is the operation you described above? Thanks
- jaro3
Re: Request for a log check
We'll delete that in ComboFix.
Well, it's not completely 100%, but CF creates a backup.