Log check + virus-infected PC (Solved)

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

asphyxia
Level 1.5
Posts: 134
Registered: July 12
Gender: Female
Status: Offline

Log check + virus-infected PC

Post by asphyxia » 24 Mar 2015 05:10

Hello,

please check my log, I'm completely miserable about this by now. The day before yesterday, while downloading a movie, I carelessly installed some bundle of unwanted applications (it included Opera, some applications for Seznam, YT Downloader, Air Globe, etc.), and apparently some virus got onto my PC through it. Mainly, when I try to uninstall Air Globe via Programs and Features, the PC freezes for a moment, then avast blocks about 26 attacks, and then an "error launching installer" window pops up. That YT Downloader and the other junk also keep showing up all over the place.
I also installed the SpyHunter program, which detected about 1800 threats of some kind; unfortunately I couldn't clean them with it (I don't have a registered version). So, simply put, my PC is crawling with some kind of vermin and I'd like to ask for instructions for a thorough cleanup and for detecting all the malware, etc.

Here is the log.

Thanks a lot!!

Adéla

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:04:26, on 24.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Users\Aduš\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\YTDownloader\YTDownloader.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\YTDOWN~1\BrowserHelper.exe
C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.exe
C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aduš\Downloads\Desktop\Programy\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O1 - Hosts: ::1 localhost
O2 - BHO: Air Globe 1.0.0.7 - {4c54ce3d-6b7d-4f21-9e69-200632a98540} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Aduš\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [Spotify] "C:\Users\Aduš\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrsHelper - Unknown owner - C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Air Globe - Unknown owner - C:\Program Files (x86)\Air Globe\updateAirGlobe.exe
O23 - Service: Util Air Globe - Unknown owner - C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9640 bytes

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check + virus-infected PC

Post by jaro3 » 24 Mar 2015 09:03

Uninstall SpyHunter again.

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Launch the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, uncheck "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now
- once the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the whole log here.

- then click the Exit button; a prompt appears, choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Log check + virus-infected PC

Post by asphyxia » 24 Mar 2015 14:22

# AdwCleaner v4.113 - Logfile created 24/03/2015 at 14:13:03
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Aduš - ADUŠ-PC
# Running from : C:\Users\Aduš\Downloads\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : sbmntr
Service Found : BrsHelper
Service Found : Update Air Globe
Service Found : Util Air Globe
Service Found : {95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64
Service Found : {dec6f88c-7a9e-4cc3-bf67-f2cb1ad3fe02}Gw64

***** [ Files / Folders ] *****

File Found : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Found : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\user.js
File Found : C:\Windows\System32\drivers\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64.sys
File Found : C:\Windows\System32\drivers\{dec6f88c-7a9e-4cc3-bf67-f2cb1ad3fe02}Gw64.sys
Folder Found : C:\Program Files (x86)\Air Globe
Folder Found : C:\Program Files (x86)\Ge-Force
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\ShopperPro
Folder Found : C:\Program Files (x86)\YTDownloader
Folder Found : C:\Program Files (x86)\Zrychleni Pocitace
Folder Found : C:\ProgramData\ShopperPro
Folder Found : C:\Users\Aduš\AppData\Local\BrowserHelper
Folder Found : C:\Users\Aduš\AppData\Local\globalUpdate

***** [ Scheduled tasks ] *****

Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : ShopperPro
Task Found : ShopperProJSUpd
Task Found : YTDownloader
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-1-6
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-1-7
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-10_user
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-11
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-4
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-5
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-5_user
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-6
Task Found : b872c64b-1796-4a7f-8885-c0cfa635239e-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Air Globe
Key Found : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Classes\MF
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\TNT2
Key Found : HKCU\Software\YTDownloader
Key Found : HKCU\Software\zona
Key Found : [x64] HKCU\Software\Air Globe
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\TNT2
Key Found : [x64] HKCU\Software\YTDownloader
Key Found : [x64] HKCU\Software\zona
Key Found : HKLM\SOFTWARE\Air Globe
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\IHProtect
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA1838EF-A497-194E-3850-37A62CEE398B}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\ShopperPro
Key Found : HKLM\SOFTWARE\YTDownloader
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Air Globe
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Air Globe
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Air Globe
Key Found : [x64] HKLM\SOFTWARE\ShopperPro
Value Found : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v41.0.2272.101

*************************

AdwCleaner[R0].txt - [35851 bytes] - [04/08/2014 12:42:49]
AdwCleaner[R1].txt - [35918 bytes] - [04/08/2014 20:41:06]
AdwCleaner[R2].txt - [9211 bytes] - [10/01/2015 03:03:21]
AdwCleaner[R3].txt - [9193 bytes] - [10/01/2015 15:08:38]
AdwCleaner[R4].txt - [11767 bytes] - [24/03/2015 14:13:03]
AdwCleaner[S0].txt - [35446 bytes] - [04/08/2014 20:42:45]
AdwCleaner[S1].txt - [7260 bytes] - [10/01/2015 15:28:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [11946 bytes] ##########


Re: Log check + virus-infected PC

Post by asphyxia » 24 Mar 2015 15:11

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.3.2015
Čas skenování: 14:24:47
Protokol: mamlog.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.24.04
Databáze rootkitů: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: AduA!

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 398482
Uplynulý čas: 31 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 7
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.exe, 2028, , [92c21831c1c957df20f18ba9a45e0000]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe, 2084, , [4f057ccd42488da9fd14e94b7989b14f]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowse64.exe, 4148, , [8dc751f8177379bd24e8cde306fdf30d]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BOASHelper.exe, 4140, , [8dc751f8177379bd24e8cde306fdf30d]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter.exe, 4308, , [8dc751f8177379bd24e8cde306fdf30d]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter64.exe, 4300, , [8dc751f8177379bd24e8cde306fdf30d]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.exe, 4132, , [8dc751f8177379bd24e8cde306fdf30d]

Moduly: 3
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expextdll.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\sqlite3.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a6358b6ed19ac290.dll, , [8dc751f8177379bd24e8cde306fdf30d],

Klíče registru: 86
PUP.Optional.AirGlobe.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Air Globe, , [92c21831c1c957df20f18ba9a45e0000],
PUP.Optional.AirGlobe.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Air Globe, , [4f057ccd42488da9fd14e94b7989b14f],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [5ff521287713b28479d84c15df2418e8],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [5ff521287713b28479d84c15df2418e8],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [5ff521287713b28479d84c15df2418e8],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4c54ce3d-6b7d-4f21-9e69-200632a98540}, , [90c495b4d9b138fe2898362fe22139c7],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{692F6862-1B0C-4C25-85BB-ADADE34051F4}, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{692F6862-1B0C-4C25-85BB-ADADE34051F4}, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{692F6862-1B0C-4C25-85BB-ADADE34051F4}, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64, , [4e064dfcdbafc76f98f8bc205fa406fa],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{dec6f88c-7a9e-4cc3-bf67-f2cb1ad3fe02}Gw64, , [86ceee5b9ded3402721ec8143bc844bc],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, , [a8ac46032c5ec37337088871c14233cd],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\Air Globe, , [5df7d6739ded0c2a676d288be320da26],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force, , [4d0791b8226839fd73722615a75ea759],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [0252ea5fbeccc670d11f9bac39cc1fe1],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, , [90c4fd4cb2d80a2c519ff3540ef7728e],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [7bd997b20c7e39fd71947a479073dc24],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [1044ab9ef39792a4217c55892ed526da],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, , [3321e8613555063041febd3c3ac9c33d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [a1b37fca404aba7c6b446dd0ee1729d7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [292b4603008a0c2abcf46bd2a164af51],
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO, , [d084ba8f5c2e0f2712899e27db28c43c],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\Air Globe, , [470da7a245450234379e10a3ae5516ea],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\Ge-Force-nv, , [77dde861dbaf75c134bd5bec6f9613ed],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\Ge-Force-nv-ie, , [a2b28dbcdeac4cea16db054236cf8779],
PUP.Optional.TNT.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\TNT2, , [62f235146e1cea4cd6c05a617f8457a9],
PUP.Optional.BSPlayer.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\APPDATALOW\SOFTWARE\BS_Player_ControlBar_B, , [3e1621281e6c50e6d6946d48bf447d83],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [da7a25244644e74f3025121d36cfbe42],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, , [c29274d5008a7abcd80a9a38b64def11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Webar, , [9cb82524355510261f4fa21b42c117e9],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ShopperPro.ShopperProBHO, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO.1, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ShopperPro.ShopperProBHO.1, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\INPROCSERVER32, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Air Globe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [8dc751f8177379bd24e8cde306fdf30d],

Hodnoty registru: 4
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [b2a260e9dab0dc5aafb675b32ad96799],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [b2a260e9dab0dc5aafb675b32ad96799],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [1044ab9ef39792a4217c55892ed526da]
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO|aff, obrdcb, , [d084ba8f5c2e0f2712899e27db28c43c]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 18
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{8028DDAD-9F0D-483E-9B8D-5B2FA57284AE}, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force, , [b59f5eeb39512d09608265290cf727d9],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\TEMP, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliohgnhhonjglnmcbgpaedjgpeihalk, , [153fed5cc3c74de916ec525f42c1d030],
PUP.Optional.AirGlobe.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliohgnhhonjglnmcbgpaedjgpeihalk\1.0.1_0, , [153fed5cc3c74de916ec525f42c1d030],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [4b092f1a5f2b50e6bc5b9f12c34051af],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [4b092f1a5f2b50e6bc5b9f12c34051af],

Soubory: 90
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.exe, , [92c21831c1c957df20f18ba9a45e0000],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe, , [4f057ccd42488da9fd14e94b7989b14f],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobebho.dll, , [6be9a1a8206abb7be42cd26211f11ce4],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64.sys, , [4e064dfcdbafc76f98f8bc205fa406fa],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{dec6f88c-7a9e-4cc3-bf67-f2cb1ad3fe02}Gw64.sys, , [86ceee5b9ded3402721ec8143bc844bc],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-1-7, , [e76d72d7d0bac86e4751fce204ff44bc],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-11, , [8ec65bee0a804de99cfcffdf4eb59f61],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-4, , [aaaa3712543665d11088934b07fce11f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-5, , [4f051534147680b6d1c7ce101ee558a8],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-6, , [d2827acf3b4fed49dbbd0fcf09fab947],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-7, , [afa559f0157562d48f0910cee22125db],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-1-6.job, , [460eb9901a709e981b6d7ac10104748c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-1-7.job, , [8dc763e69bef280e2761a992ea1b3ec2],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-10_user.job, , [b2a2c9808a00142236524dee9e67a957],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-11.job, , [a1b3a1a89cee1b1bfc8c24170cf952ae],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-4.job, , [6ce8a2a7acde8fa75c2c4bf00df8ea16],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-5.job, , [4e06df6a28622313177177c49c6903fd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-5_user.job, , [520201488dfdd85e701870cbd82de51b],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-6.job, , [86ce2d1c03874cea2c5cbd7e20e59d63],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b872c64b-1796-4a7f-8885-c0cfa635239e-7.job, , [99bb5fea4842a98d3454ea51dd2859a7],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [c0944207ef9b55e1c9ce4dee12f321df],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [94c00841830737ff20780437c83d6898],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [e76d5eeba0ea9e982f6aeb5024e15ca4],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [83d1a8a1701a0d29a9f170cbeb1a57a9],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [f1633c0d0e7c68ce1926d8b65aa915eb],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\b872c64b-1796-4a7f-8885-c0cfa635239e.crx, , [b59f5eeb39512d09608265290cf727d9],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\b872c64b-1796-4a7f-8885-c0cfa635239e.xpi, , [b59f5eeb39512d09608265290cf727d9],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\bgNova.html, , [b59f5eeb39512d09608265290cf727d9],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\chrome.manifest, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\install.rdf, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\config.json, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\database1_0_0.json, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.xul, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\Users\AduA!\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\shopperpro_128.png, , [8acaf7525337e94d3deaa9ec05fec040],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.ej, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro.dll, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro64.dll, , [7dd792b7f496f541de0b5641857e8e72],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\0, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobe.ico, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobeUninstall.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\fliohgnhhonjglnmcbgpaedjgpeihalk.crx, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.InstallState, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expextdll.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowse64.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowseG.zip, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\BrowserAdapter.7z, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\dec6f88c7a9e4cc3bf67.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\dec6f88c7a9e4cc3bf6764.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\dec6f88c7a9e4cc3bf67f2cb1ad3fe02.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\dec6f88c7a9e4cc3bf67f2cb1ad3fe0264.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\eula.txt, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\sqlite3.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.InstallState, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\7za.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a635.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a63564.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a6358b6ed19ac290.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a6358b6ed19ac29064.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BOAS.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BOAS.zip, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BOASHelper.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BOASPRT.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter64.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.exe, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.zip, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.BOAS.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.BrowserAdapter.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.CompatibilityChecker.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.ExpExt.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.FFUpdate.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.GCUpdate.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.PurBrowseG.dll, , [8dc751f8177379bd24e8cde306fdf30d],
PUP.Optional.AirGlobe.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliohgnhhonjglnmcbgpaedjgpeihalk\1.0.1_0\background.js, , [153fed5cc3c74de916ec525f42c1d030],
PUP.Optional.AirGlobe.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliohgnhhonjglnmcbgpaedjgpeihalk\1.0.1_0\content.js, , [153fed5cc3c74de916ec525f42c1d030],
PUP.Optional.AirGlobe.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliohgnhhonjglnmcbgpaedjgpeihalk\1.0.1_0\icon.png, , [153fed5cc3c74de916ec525f42c1d030],
PUP.Optional.AirGlobe.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliohgnhhonjglnmcbgpaedjgpeihalk\1.0.1_0\manifest.json, , [153fed5cc3c74de916ec525f42c1d030],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [4b092f1a5f2b50e6bc5b9f12c34051af],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male

Re: log check + infected PC

Post by jaro3 » 24 Mar 2015 18:18

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan", and after the scan click "Vymazat-Clean".

The program will perform the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

- Run MbAM again and choose "Scan Now".
- When the program finishes, a message appears; click "Quarantine All (Remove Selected)", then "Export Log", and choose "Text file". Give the file a name and save it somewhere. Copy the entire contents of that log here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

asphyxia
Level 1.5
Posts: 134
Registered: July 12
Gender: Female

Re: log check + infected PC

Post by asphyxia » 25 Mar 2015 01:05

# AdwCleaner v4.113 - Logfile created 25/03/2015 at 00:59:43
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Aduš - ADUŠ-PC
# Running from : C:\Users\Aduš\Downloads\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : sbmntr
Service Deleted : BrsHelper
[#] Service Deleted : Update Air Globe
[#] Service Deleted : Util Air Globe
Service Deleted : {95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64
Service Deleted : {dec6f88c-7a9e-4cc3-bf67-f2cb1ad3fe02}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\Ge-Force
[!] Folder Deleted : C:\Program Files (x86)\Air Globe
Folder Deleted : C:\Users\Aduš\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Aduš\AppData\Local\BrowserHelper
Folder Deleted : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
File Deleted : C:\Windows\System32\drivers\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64.sys
File Deleted : C:\Windows\System32\drivers\{dec6f88c-7a9e-4cc3-bf67-f2cb1ad3fe02}Gw64.sys
File Deleted : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\user.js
File Deleted : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : YTDownloader
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-1-6
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-1-7
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-10_user
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-11
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-4
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-5
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-5_user
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-6
Task Deleted : b872c64b-1796-4a7f-8885-c0cfa635239e-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKCU\Software\Classes\MF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Air Globe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Air Globe
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\zona
Key Deleted : HKCU\Software\Air Globe
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\Air Globe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA1838EF-A497-194E-3850-37A62CEE398B}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Air Globe

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [35851 bytes] - [04/08/2014 12:42:49]
AdwCleaner[R1].txt - [35918 bytes] - [04/08/2014 20:41:06]
AdwCleaner[R2].txt - [9211 bytes] - [10/01/2015 03:03:21]
AdwCleaner[R3].txt - [9193 bytes] - [10/01/2015 15:08:38]
AdwCleaner[R4].txt - [12098 bytes] - [24/03/2015 14:13:03]
AdwCleaner[R5].txt - [12296 bytes] - [25/03/2015 00:55:48]
AdwCleaner[S0].txt - [35446 bytes] - [04/08/2014 20:42:45]
AdwCleaner[S1].txt - [7260 bytes] - [10/01/2015 15:28:12]
AdwCleaner[S2].txt - [11932 bytes] - [25/03/2015 00:59:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [11992 bytes] ##########


Re: log check + infected PC

Post by asphyxia » 25 Mar 2015 02:45

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 7 Professional x64
Ran by Aduç on st 25.03.2015 at 1:08:06,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c54ce3d-6b7d-4f21-9e69-200632a98540}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c54ce3d-6b7d-4f21-9e69-200632a98540}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540}



~~~ Files

Successfully deleted: [File] "C:\Users\Aduç\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Aduç\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 25.03.2015 at 1:18:37,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: log check + infected PC

Post by asphyxia » 25 Mar 2015 03:29

mbam - after the scan the PC restarted automatically, I removed the items in the "history" section, I don't know where to find the log


Re: log check + infected PC

Post by asphyxia » 25 Mar 2015 08:12

RogueKiller V10.5.7.0 (x64) [Mar 22 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Aduš [Práva správce]
Started from : C:\Users\Aduš\Downloads\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 03/25/2015 03:37:47

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 ATA Device +++++
--- User ---
[MBR] b83bd3c75d10d3cb2a7dc12b6d2df943
[BSP] 7ad93314db0007bbac2689e6bcc97239 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 99900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 204802048 | Size: 510477 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_01122015_143057.log - RKreport_DEL_08052014_125150.log - RKreport_SCN_01102015_170602.log - RKreport_SCN_01122015_142856.log
RKreport_SCN_08042014_224743.log - RKreport_SCN_08052014_124939.log

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: log check + infected PC

Post by jaro3 » 25 Mar 2015 08:58

MbAM -- were the infections deleted?

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Then click "Scan"; after it finishes:

- In the tabs (Registry, Tasks, Web Browser, etc.) check everything
(you have to put a check mark with the mouse in the box to the left of each registry entry etc.)


- Click "Delete"
- Wait until the Status box shows "Deletion finished"
- Click "Report" and please copy and paste the contents of that report here. The log can also be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the antivirus.
Download Zoek.exe and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- note: the program may take a while to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will perform a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Post a new HJT log + report any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!


Re: log check + infected PC

Post by asphyxia » 25 Mar 2015 13:28

RogueKiller V10.5.7.0 (x64) [Mar 22 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Aduš [Práva správce]
Started from : C:\Users\Aduš\Downloads\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 03/25/2015 13:26:03

¤¤¤ Procesy : 1 ¤¤¤
[Suspicious.Path] SpotifyCrashService.exe(4044) -- C:\Users\Aduš\AppData\Roaming\Spotify\SpotifyCrashService.exe[7] -> Zastaveno [TermProc]

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 ATA Device +++++
--- User ---
[MBR] b83bd3c75d10d3cb2a7dc12b6d2df943
[BSP] 7ad93314db0007bbac2689e6bcc97239 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 99900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 204802048 | Size: 510477 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_01122015_143057.log - RKreport_DEL_08052014_125150.log - RKreport_SCN_01102015_170602.log - RKreport_SCN_01122015_142856.log
RKreport_SCN_03252015_033747.log - RKreport_SCN_08042014_224743.log - RKreport_SCN_08052014_124939.log - RKreport_SCN_03252015_130824.log

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: log check + infected PC

Post by Orcus » 25 Mar 2015 18:11

jaro3 wrote:
MbAM -- were the infections deleted?

Turn off the antivirus.
Download Zoek.exe and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- note: the program may take a while to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will perform a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Post a new HJT log + report any problems.