Prosím o kontrolu

[BulletRide]

Prosím o kontrolu logu. Pc se seká a weby jsou plné reklam a vyskakovacích oken.
HJT:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:58:58, on 25. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)




Boot mode: Normal


Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Eva\AppData\Roaming\SkypEmoticons\SE.exe
C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Eva\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: TakeTheCooupoN - {04d4f164-9add-4e01-a0da-839663afbc23} - C:\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: AlleSuaaveer - {3ac02af2-68a8-4057-9908-03be66948c93} - C:\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.dll
O2 - BHO: DiegiSAverr - {413b661f-97a1-4e44-b94d-599992f53476} - C:\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.dll
O2 - BHO: DisCoUntEoxtenesi - {435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e} - C:\Program Files (x86)\DisCoUntEoxtenesi\0q7gJONf7hC54G.dll
O2 - BHO: GrEEattSavoe4U - {949f033e-9b76-4621-8a82-a2bb650fcb62} - C:\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.dll
O2 - BHO: DIgISSaaveR - {96d26a39-dfe4-42b5-bb9c-7a1831ad0e09} - C:\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: NeiwSaveR - {d8691735-9b39-482a-8c80-51a51f2ba426} - C:\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.dll
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SE] "C:\Users\Eva\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Eva\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: McAfee Application Installer Cleanup (0066981429818172) (0066981429818172mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\006698~1.EXE
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem19.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


--
End of file - 14743 bytes

[Reklama]

[BulletRide]

Provedena čistka přes ATF Cleaner a přes TFC. Použit sken AdwCleaner a MBAM. Logy níže. Zatím jsem nic nemazal :)
ADW:
# AdwCleaner v4.202 - Log vytvořen 25/04/2015 v 12:12:32
# Aktualizováno 23/04/2015 by Xplode
# Databáze : 2015-04-23.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Eva - EVIČKY
# Spuštěno z : C:\Users\Eva\Downloads\adwcleaner_4.202.exe
# Nastavení : Sken


***** [ Služby ] *****


Služba Nalezeno : 0066981429818172mcinstcleanup
Služba Nalezeno : fc67e7a0


***** [ Soubory / Složky ] *****


Složka Nalezeno : C:\Program Files (x86)\AlleSuaaveer
Složka Nalezeno : C:\Program Files (x86)\DeltaFix
Složka Nalezeno : C:\Program Files (x86)\DiegiSAverr
Složka Nalezeno : C:\Program Files (x86)\DIgISSaaveR
Složka Nalezeno : C:\Program Files (x86)\DisCoUntEoxtenesi
Složka Nalezeno : C:\Program Files (x86)\ExsstraaCoUpono
Složka Nalezeno : C:\Program Files (x86)\FFInnddBesTDeeal
Složka Nalezeno : C:\Program Files (x86)\GrEEattSavoe4U
Složka Nalezeno : C:\Program Files (x86)\Hauppy2SSaVe
Složka Nalezeno : C:\Program Files (x86)\CheaPMe
Složka Nalezeno : C:\Program Files (x86)\NeiwSaveR
Složka Nalezeno : C:\Program Files (x86)\NNetoCouPon
Složka Nalezeno : C:\Program Files (x86)\ReegulaarDeeaLs
Složka Nalezeno : C:\Program Files (x86)\SAveriExtaennsiion
Složka Nalezeno : C:\Program Files (x86)\TakeTheCooupoN
Složka Nalezeno : C:\Program Files (x86)\unisaalesi
Složka Nalezeno : C:\Program Files (x86)\UNisales
Složka Nalezeno : C:\Program Files (x86)\youtubeadblocker
Složka Nalezeno : C:\ProgramData\8b82103099f1e20a
Složka Nalezeno : C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe
Složka Nalezeno : C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe
Složka Nalezeno : C:\ProgramData\apn
Složka Nalezeno : C:\ProgramData\Hauppy2SSaVe
Složka Nalezeno : C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo
Složka Nalezeno : C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo
Složka Nalezeno : C:\ProgramData\hnfpclecjopjpjmbbpgiobkooglbdjme
Složka Nalezeno : C:\ProgramData\hnfpclecjopjpjmbbpgiobkooglbdjme
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Složka Nalezeno : C:\ProgramData\pokki
Složka Nalezeno : C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh
Složka Nalezeno : C:\Users\Eva\AppData\Local\pokki
Složka Nalezeno : C:\Users\Eva\AppData\LocalLow\Simple Adblock
Složka Nalezeno : C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Nalezeno : C:\Users\Eva\AppData\Roaming\SkypEmoticons
Složka Nalezeno : C:\Users\Guest\AppData\Local\pokki


***** [ Naplánované úlohy ] *****




***** [ Zástupci ] *****




***** [ Registry ] *****


Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91397D20-1446-11D4-8AF4-0040CA1127B6}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Klíč Nalezeno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\Directory\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\Drive\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\lnkfile\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\pokki
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\40C671E2F25CAAEB15B17A4EC4601DC4
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Klíč Nalezeno : HKCU\Software\Pokki
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\40C671E2F25CAAEB15B17A4EC4601DC4
Klíč Nalezeno : [x64] HKCU\Software\Pokki
Klíč Nalezeno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Nalezeno : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{3E52324B-66BF-44AE-A8C5-2DB48E90E729}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{6580C08D-FED3-41DE-95A2-EC319EECB9DB}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{AEF2BB85-DF75-41E2-8366-FB89A5F869F9}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\cncgohepihcekklokhbhiblhfcmipbdh
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\gehngeifmelphpllncobkmimphfkckne
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{317D8BB4-16C3-CFBD-3777-AED69667DA46}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98449C67-C7AF-BB53-112D-26C916814611}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Klíč Nalezeno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8691735-9b39-482a-8c80-51a51f2ba426}


***** [ Prohlížeče ] *****


-\\ Internet Explorer v11.0.9600.17416


Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... D_W761YJX0
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page] - hxxp://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... D_W761YJX0
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... D_W761YJX0
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}


-\\ Mozilla Firefox v


[nahd6ha2.default] - Řádek Nalezeno : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");


-\\ Google Chrome v39.0.2171.95


[C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Nalezeno [Extension] : cncgohepihcekklokhbhiblhfcmipbdh
[C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Nalezeno [Extension] : gehngeifmelphpllncobkmimphfkckne


-\\ Opera v0.0.0.0




*************************


AdwCleaner[R0].txt - [14304 bytů] - [25/04/2015 12:12:32]


########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14363 bytů] ##########


MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org


Datum skenování: 25. 4. 2015
Čas skenování: 12:17:50
Protokol:
Správce: Ano


Verze: 2.01.6.1022
Databáze malwaru: v2015.04.25.01
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto


OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Eva


Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 388747
Uplynulý čas: 14 min, 28 sek


Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto


Procesy: 0
(Nenalezeny žádné škodlivé položky)


Moduly: 1
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix\DeltaFix.dll, , [7451a7c91b6f83b3195b1cbb976c4eb2],


Klíče registru: 164
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{04d4f164-9add-4e01-a0da-839663afbc23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{04D4F164-9ADD-4E01-A0DA-839663AFBC23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{04D4F164-9ADD-4E01-A0DA-839663AFBC23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_.9, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_.9, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_.9, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{04D4F164-9ADD-4E01-A0DA-839663AFBC23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{04d4f164-9add-4e01-a0da-839663afbc23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{04D4F164-9ADD-4E01-A0DA-839663AFBC23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{04D4F164-9ADD-4E01-A0DA-839663AFBC23}, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{04D4F164-9ADD-4E01-A0DA-839663AFBC23}\INPROCSERVER32, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{3ac02af2-68a8-4057-9908-03be66948c93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3AC02AF2-68A8-4057-9908-03BE66948C93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3AC02AF2-68A8-4057-9908-03BE66948C93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_.9, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_.9, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_.9, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3AC02AF2-68A8-4057-9908-03BE66948C93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3ac02af2-68a8-4057-9908-03be66948c93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3AC02AF2-68A8-4057-9908-03BE66948C93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3AC02AF2-68A8-4057-9908-03BE66948C93}, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{3AC02AF2-68A8-4057-9908-03BE66948C93}\INPROCSERVER32, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{435F3F13-7AC7-48BA-B4CE-8116EC9B2D2E}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{435F3F13-7AC7-48BA-B4CE-8116EC9B2D2E}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.9, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.9, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.9, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{435F3F13-7AC7-48BA-B4CE-8116EC9B2D2E}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{435F3F13-7AC7-48BA-B4CE-8116EC9B2D2E}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{435F3F13-7AC7-48BA-B4CE-8116EC9B2D2E}, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{435F3F13-7AC7-48BA-B4CE-8116EC9B2D2E}\INPROCSERVER32, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{413b661f-97a1-4e44-b94d-599992f53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{413B661F-97A1-4E44-B94D-599992F53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{413B661F-97A1-4E44-B94D-599992F53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_.9, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_.9, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_.9, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{413B661F-97A1-4E44-B94D-599992F53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{413b661f-97a1-4e44-b94d-599992f53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{413B661F-97A1-4E44-B94D-599992F53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{413B661F-97A1-4E44-B94D-599992F53476}, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{413B661F-97A1-4E44-B94D-599992F53476}\INPROCSERVER32, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{d8691735-9b39-482a-8c80-51a51f2ba426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D8691735-9B39-482A-8C80-51A51F2BA426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D8691735-9B39-482A-8C80-51A51F2BA426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_.9, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_.9, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_.9, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D8691735-9B39-482A-8C80-51A51F2BA426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{d8691735-9b39-482a-8c80-51a51f2ba426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D8691735-9B39-482A-8C80-51A51F2BA426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D8691735-9B39-482A-8C80-51A51F2BA426}, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{D8691735-9B39-482A-8C80-51A51F2BA426}\INPROCSERVER32, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{949f033e-9b76-4621-8a82-a2bb650fcb62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{949F033E-9B76-4621-8A82-A2BB650FCB62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{949F033E-9B76-4621-8A82-A2BB650FCB62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_.9, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_.9, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_.9, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{949F033E-9B76-4621-8A82-A2BB650FCB62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{949f033e-9b76-4621-8a82-a2bb650fcb62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{949F033E-9B76-4621-8A82-A2BB650FCB62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{949F033E-9B76-4621-8A82-A2BB650FCB62}, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{949F033E-9B76-4621-8A82-A2BB650FCB62}\INPROCSERVER32, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{96D26A39-DFE4-42B5-BB9C-7A1831AD0E09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{96D26A39-DFE4-42B5-BB9C-7A1831AD0E09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.9, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.9, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.9, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{96D26A39-DFE4-42B5-BB9C-7A1831AD0E09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{96D26A39-DFE4-42B5-BB9C-7A1831AD0E09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{96D26A39-DFE4-42B5-BB9C-7A1831AD0E09}, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{96D26A39-DFE4-42B5-BB9C-7A1831AD0E09}\INPROCSERVER32, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{231a703d-1e40-4f65-8b83-67448e1b1b61}, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_.10, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_.10, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_.10, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{12681996-6c7c-447f-b902-d14cde53e910}, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_.10, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_.10, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_.10, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{d329d851-0bf1-4f7f-94a8-93b899157a39}, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\Pd329d851_0bf1_4f7f_94a8_93b899157a39_.Pd329d851_0bf1_4f7f_94a8_93b899157a39_, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\Pd329d851_0bf1_4f7f_94a8_93b899157a39_.Pd329d851_0bf1_4f7f_94a8_93b899157a39_.9, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Pd329d851_0bf1_4f7f_94a8_93b899157a39_.Pd329d851_0bf1_4f7f_94a8_93b899157a39_, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Pd329d851_0bf1_4f7f_94a8_93b899157a39_.Pd329d851_0bf1_4f7f_94a8_93b899157a39_.9, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Pd329d851_0bf1_4f7f_94a8_93b899157a39_.Pd329d851_0bf1_4f7f_94a8_93b899157a39_, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Pd329d851_0bf1_4f7f_94a8_93b899157a39_.Pd329d851_0bf1_4f7f_94a8_93b899157a39_.9, , [c30237391b6f72c48c9aab8aa55dbf41],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}, , [dce9dd93008af343bc782909c0422ed2],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}, , [ecd96b05becc2e08d0643cf6ae54e31d],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{317D8BB4-16C3-CFBD-3777-AED69667DA46}, , [62636e0262280e28b77d9e94758d7c84],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}, , [dce9e9873a50ac8af53ff939936f649c],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6580C08D-FED3-41DE-95A2-EC319EECB9DB}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2300DD96-7A6A-46B2-9A07-2D84DA49E204}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4BBFB8ED-7CD4-4AF8-B153-66C35B5E9A82}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6FDD9941-065F-4633-9326-AC49C7C9B3A0}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8EC18713-4FAC-4EB9-9326-DF802E1C607E}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2300DD96-7A6A-46B2-9A07-2D84DA49E204}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4BBFB8ED-7CD4-4AF8-B153-66C35B5E9A82}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6FDD9941-065F-4633-9326-AC49C7C9B3A0}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8EC18713-4FAC-4EB9-9326-DF802E1C607E}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2300DD96-7A6A-46B2-9A07-2D84DA49E204}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4BBFB8ED-7CD4-4AF8-B153-66C35B5E9A82}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6FDD9941-065F-4633-9326-AC49C7C9B3A0}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8EC18713-4FAC-4EB9-9326-DF802E1C607E}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6580C08D-FED3-41DE-95A2-EC319EECB9DB}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{6580C08D-FED3-41DE-95A2-EC319EECB9DB}, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8B906AF1-C9E5-493C-9B36-8E1CBAE28522}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9A71EC22-9AAE-421E-98BC-59E12779D611}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B6E5186F-181F-48C2-A8C0-9191A1707AEA}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8B906AF1-C9E5-493C-9B36-8E1CBAE28522}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9A71EC22-9AAE-421E-98BC-59E12779D611}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B6E5186F-181F-48C2-A8C0-9191A1707AEA}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8B906AF1-C9E5-493C-9B36-8E1CBAE28522}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9A71EC22-9AAE-421E-98BC-59E12779D611}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B6E5186F-181F-48C2-A8C0-9191A1707AEA}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{002FF249-4A02-44F8-BD0F-7389AC5F3E70}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8F99377E-3B52-45E7-AC41-ACCAA945F8B1}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B2BBEAD-1A03-4927-8EB7-AC8292E4EB2F}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{002FF249-4A02-44F8-BD0F-7389AC5F3E70}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8F99377E-3B52-45E7-AC41-ACCAA945F8B1}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B2BBEAD-1A03-4927-8EB7-AC8292E4EB2F}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{002FF249-4A02-44F8-BD0F-7389AC5F3E70}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8F99377E-3B52-45E7-AC41-ACCAA945F8B1}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B2BBEAD-1A03-4927-8EB7-AC8292E4EB2F}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [2d9888e85634072f7a368c4fbf4401ff],
PUP.Optional.DeltaFix.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fc67e7a0, , [497cc7a9eaa070c6a4cffbdcde251be5],


Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)


Data registru: 13
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}),,[dbea2a463e4c89add1658577798c7b85]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0),,[f7ce244ca7e3f83ed264a458c93ca55b]
PUP.Optional.GboxApp.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.gboxapp.com/, Dobré: (www.google.com), Špatné: (http://search.gboxapp.com/),,[8c39aac6a6e4b68072dc867784818080]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}),,[477e5d13f397e6500432e4184cb97090]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[c9fc97d93d4d94a219134fb9f80e8c74]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}),,[a71e7000b8d21125fb3b629ac63fc13f]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0),,[1aab82ee7b0fb2846bcb5aa28f76ff01]
PUP.Optional.GboxApp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.gboxapp.com/, Dobré: (www.google.com), Špatné: (http://search.gboxapp.com/),,[c40109673159fd39a4aa02fbdd28b34d]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 761YJX0&q={searchTerms}),,[4481f977abdf40f6be7850acaf5644bc]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[6a5b3838c1c941f5cf5dab5d9d69f20e]
PUP.Optional.GboxApp.A, HKU\S-1-5-21-1042807274-120339670-2770079320-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.gboxapp.com/, Dobré: (www.google.com), Špatné: (http://search.gboxapp.com/),,[44815b15e9a183b3222dfa03a56054ac]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-1042807274-120339670-2770079320-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... D_W761YJX0),,[a421f57bf1995cdacd6a629a2adbf907]
PUP.Optional.GboxApp.A, HKU\S-1-5-21-1042807274-120339670-2770079320-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|First Home Page, http://go.microsoft.com/fwlink/?LinkID= ... 0&OHP=httpŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]ADobré: (www.google.com)FDobré: (www.google.com)Fsearch.gboxapp.comDobré: (www.google.com)F&OSP=httpŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]ADobré: (www.google.com)FDobré: (www.google.com)Fwww.bing.comDobré: (www.google.com)FsearchŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]FqŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]D%7BsearchTerms%7D%26formŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]DIE11TR%26srcŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]DIE11TR%26pcŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS),,[35906e025c2e7fb766e94ab328ddb24e]DHPNTDFJS, %4, %5


Složky: 15
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix, , [7451a7c91b6f83b3195b1cbb976c4eb2],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc\213, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.DigiSaver.A, C:\Program Files (x86)\DiegiSAverr, , [04c15d13e2a88caa0f701b3d27de09f7],
PUP.Optional.DigiSaver.A, C:\Program Files (x86)\DIgISSaaveR, , [1fa6fa76404a1026017ee474d82de31d],
PUP.Optional.NewSaver.A, C:\Program Files (x86)\NeiwSaveR, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.YouTubeAdBlocker.A, C:\Program Files (x86)\youtubeadblocker, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.MultiPlug, C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe, , [32933f31ec9ef145c1853e1b699cdb25],
PUP.Optional.MultiPlug, C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo, , [596c531df5958fa7b19568f1cc397d83],
PUP.Optional.FindBestDeal.A, C:\Program Files (x86)\FFInnddBesTDeeal, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlleSuaaveer, , [fdc8fa762a6080b64fa99bbee61fe31d],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCooupoN, , [be0787e9a6e4ac8ae27f9bbf778e916f],
PUP.Optional.NoMoreAds.A, C:\ProgramData\NoMore Ads, , [f5d0f8786f1bd95d3fccaf028f7424dc],
PUP.Optional.CheapMe.A, C:\Program Files (x86)\CheaPMe, , [fcc9c8a8573340f62ffbc2fa7c871fe1],
PUP.Optional.UniSales.A, C:\Program Files (x86)\UNisales, , [5570561a0b7f4ee827709d21e91a7c84],


Soubory: 60
PUP.Optional.Multiplug, C:\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.x64.dll, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.Multiplug, C:\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.dll, , [b90cd59b3654bc7a5dbd64d76e9437c9],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.x64.dll, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.dll, , [a81d165acac07abc57bd82c0bd45ef11],
PUP.Optional.Multiplug, C:\Program Files (x86)\DisCoUntEoxtenesi\0q7gJONf7hC54G.x64.dll, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.Multiplug, C:\Program Files (x86)\DisCoUntEoxtenesi\0q7gJONf7hC54G.dll, , [f7ce1d531872191de03a67d4d82ae41c],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.x64.dll, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.dll, , [24a12f4128624aec2fe594aedb2706fa],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.x64.dll, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.dll, , [5471066aadddd0667e96330f9270cc34],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.x64.dll, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.dll, , [9332cfa11a708caa809455ed58aaeb15],
PUP.Optional.Multiplug, C:\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.x64.dll, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, C:\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.dll, , [9431df917812092d2af0a497e0228878],
PUP.Optional.Multiplug, C:\ProgramData\copaunk\bXzvisG8ZeL52N.x64.dll, , [d1f4ed838604ad890422f24360a2da26],
PUP.Optional.MultiPlug.Uns, C:\ProgramData\NoMore Ads\NoMore Ads.exe, , [2d98343ce2a8a59131fd59e51be8e61a],
PUP.Optional.Multiplug, C:\ProgramData\taokeshhop\D8XppbytS8jgY6.x64.dll, , [b70e4f21bfcb7bbb1e08e05527dbdb25],
PUP.Optional.MultiPlug.Uns, C:\ProgramData\The AdBlocker\The AdBlocker.exe, , [bd08fe724e3cd06640ee28162ad9eb15],
PUP.Optional.Multiplug, C:\ProgramData\DigiCOOuppon\FzMbutWRHBwjpl.exe, , [19ac7ff1216945f13e14eb43897a9a66],
PUP.Optional.Multiplug, C:\ProgramData\DigiCOOuppon\FzMbutWRHBwjpl.x64.dll, , [c30237391b6f72c48c9aab8aa55dbf41],
Trojan.Brainwash, C:\Users\Eva\AppData\Roaming\SkypEmoticons\setup_forced.exe, , [992c1b55bbcf2d09a55ffe73ba4626da],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.exe, , [dce9dd93008af343bc782909c0422ed2],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.exe, , [ecd96b05becc2e08d0643cf6ae54e31d],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\NNetoCouPon\NNetoCouPon.exe, , [62636e0262280e28b77d9e94758d7c84],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Tv exe\Tv exe.exe, , [dce9e9873a50ac8af53ff939936f649c],
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix\DeltaFix.dll, , [7451a7c91b6f83b3195b1cbb976c4eb2],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc\213\lsdb.js, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc\213\background.html, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc\213\content.js, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc\213\manifest.json, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.MultiPlug.A, C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc\213\x9d4m.js, , [b11472fe147676c0559e68efd62f32ce],
PUP.Optional.DigiSaver.A, C:\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.tlb, , [04c15d13e2a88caa0f701b3d27de09f7],
PUP.Optional.DigiSaver.A, C:\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.dat, , [04c15d13e2a88caa0f701b3d27de09f7],
PUP.Optional.DigiSaver.A, C:\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.tlb, , [1fa6fa76404a1026017ee474d82de31d],
PUP.Optional.DigiSaver.A, C:\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.dat, , [1fa6fa76404a1026017ee474d82de31d],
PUP.Optional.NewSaver.A, C:\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.tlb, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.NewSaver.A, C:\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.dat, , [06bf95db800a1c1a6f2d5cfc8085f709],
PUP.Optional.YouTubeAdBlocker.A, C:\Program Files (x86)\youtubeadblocker\2qO3zkKDzSpWgp.tlb, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.YouTubeAdBlocker.A, C:\Program Files (x86)\youtubeadblocker\2qO3zkKDzSpWgp.dat, , [2c99224e4a401125cd0c5dfb06ffd32d],
PUP.Optional.MultiPlug, C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe\lsdb.js, , [32933f31ec9ef145c1853e1b699cdb25],
PUP.Optional.MultiPlug, C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe\background.html, , [32933f31ec9ef145c1853e1b699cdb25],
PUP.Optional.MultiPlug, C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe\content.js, , [32933f31ec9ef145c1853e1b699cdb25],
PUP.Optional.MultiPlug, C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe\manifest.json, , [32933f31ec9ef145c1853e1b699cdb25],
PUP.Optional.MultiPlug, C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe\nYGdhA6x.js, , [32933f31ec9ef145c1853e1b699cdb25],
PUP.Optional.MultiPlug, C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo\lsdb.js, , [596c531df5958fa7b19568f1cc397d83],
PUP.Optional.MultiPlug, C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo\background.html, , [596c531df5958fa7b19568f1cc397d83],
PUP.Optional.MultiPlug, C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo\content.js, , [596c531df5958fa7b19568f1cc397d83],
PUP.Optional.MultiPlug, C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo\manifest.json, , [596c531df5958fa7b19568f1cc397d83],
PUP.Optional.MultiPlug, C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo\ptgpythY6.js, , [596c531df5958fa7b19568f1cc397d83],
PUP.Optional.FindBestDeal.A, C:\Program Files (x86)\FFInnddBesTDeeal\MmLjUrmpRhkDvh.tlb, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.FindBestDeal.A, C:\Program Files (x86)\FFInnddBesTDeeal\MmLjUrmpRhkDvh.dat, , [fbcafa7692f8e650687089d0dd28d32d],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.tlb, , [fdc8fa762a6080b64fa99bbee61fe31d],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.dat, , [fdc8fa762a6080b64fa99bbee61fe31d],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.tlb, , [be0787e9a6e4ac8ae27f9bbf778e916f],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.dat, , [be0787e9a6e4ac8ae27f9bbf778e916f],
PUP.Optional.CheapMe.A, C:\Program Files (x86)\CheaPMe\CheaPMe.dat, , [fcc9c8a8573340f62ffbc2fa7c871fe1],
PUP.Optional.UniSales.A, C:\Program Files (x86)\UNisales\Pd3Af3elrtFRYy.dat, , [5570561a0b7f4ee827709d21e91a7c84],
PUP.Optional.UniSales.A, C:\Program Files (x86)\UNisales\Pd3Af3elrtFRYy.tlb, , [5570561a0b7f4ee827709d21e91a7c84],
PUP.Optional.UniSales.A, C:\Program Files (x86)\UNisales\UNisales.dat, , [5570561a0b7f4ee827709d21e91a7c84],
PUP.Optional.GboxApp.A, C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.startup.homepage", "http://search.gboxapp.com/");), ,[08bdf47cb2d8f2444e24c680679f4fb1]


Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)




(end)

[mople71]

Ahoj!

Rád Ti pomohu s tvým problémem. Čti prosím mé instrukce pozorně a pokud si něčím nebudeš jist, vždy se raději zeptej.


Je možné, že budeš muset na chvíli vypnout svůj antivirus.
V rámci čištění budou vyprázdněny dočasné adresáře včetně Koše!


Znovu si otevři AdwCleaner, kde klikni na Scan a poté na Clean. Po restartu PC na tebe vyjede log, ten sem prosím vlož.

---------------------------------------------------------------------------

Stáhni si Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe

Ulož na Plochu, otevři jako správce, do otevřeného okna vlož tento kód:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;


A klikni na Run script, chvíli to potrvá. Po restartu PC prosím přilož jeho log.

---------------------------------------------------------------------------

Otevři znovu MBAM, poté zvol v horní liště Sken -> vyber Vlastní sken a klikni na Skenovat nyní.

Objeví se okno Konfigurace vlastního skenu - vyber všechny disky/diskové oddíly (kromě mechaniky, čtečky,...), v levé liště zatrhni Hledat rootkity a klikni na Spustit sken

Po dokončení skenu klikni na tlačítko Exportovat záznam, log ulož a jeho obsah vlož sem.

Všechny nálezy dej do karantény.

[BulletRide]

Omlouvám se, že to trvalo. NTB není můj a nebyl k němu přístup :)
ADWCleaner:
# AdwCleaner v4.203 - Log vytvořen 10/05/2015 v 14:04:08
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-09.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Eva - EVIČKY
# Spuštěno z : C:\Users\Eva\Downloads\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\pokki
Složka Smazáno : C:\ProgramData\Hauppy2SSaVe
Složka Smazáno : C:\ProgramData\8b82103099f1e20a
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Složka Smazáno : C:\Program Files (x86)\DeltaFix
Složka Smazáno : C:\Program Files (x86)\AlleSuaaveer
Složka Smazáno : C:\Program Files (x86)\CheaPMe
Složka Smazáno : C:\Program Files (x86)\DiegiSAverr
Složka Smazáno : C:\Program Files (x86)\DIgISSaaveR
Složka Smazáno : C:\Program Files (x86)\DisCoUntEoxtenesi
Složka Smazáno : C:\Program Files (x86)\ExsstraaCoUpono
Složka Smazáno : C:\Program Files (x86)\FFInnddBesTDeeal
Složka Smazáno : C:\Program Files (x86)\FinndBestDoeal
Složka Smazáno : C:\Program Files (x86)\Fun2Soaave
Složka Smazáno : C:\Program Files (x86)\GrEEattSavoe4U
Složka Smazáno : C:\Program Files (x86)\Hauppy2SSaVe
Složka Smazáno : C:\Program Files (x86)\NeiwSaveR
Složka Smazáno : C:\Program Files (x86)\NNetoCouPon
Složka Smazáno : C:\Program Files (x86)\ReegulaarDeeaLs
Složka Smazáno : C:\Program Files (x86)\SAveriExtaennsiion
Složka Smazáno : C:\Program Files (x86)\SaverrExotensiiOn
Složka Smazáno : C:\Program Files (x86)\TakeTheCooupoN
Složka Smazáno : C:\Program Files (x86)\unisaalesi
Složka Smazáno : C:\Program Files (x86)\UNisales
Složka Smazáno : C:\Program Files (x86)\youtubeadblocker
Složka Smazáno : C:\Users\Eva\AppData\Local\pokki
Složka Smazáno : C:\Users\Eva\AppData\LocalLow\Simple Adblock
Složka Smazáno : C:\Users\Eva\AppData\Roaming\SkypEmoticons
Složka Smazáno : C:\Users\Guest\AppData\Local\pokki
Složka Smazáno : C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh
Složka Smazáno : C:\ProgramData\acbcjamoideofdjgkjloapeefbebgfhe
Složka Smazáno : C:\ProgramData\hmemghhpjfchclnpnggopphhkkofamlo
Složka Smazáno : C:\ProgramData\hnfpclecjopjpjmbbpgiobkooglbdjme

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\cncgohepihcekklokhbhiblhfcmipbdh
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\gehngeifmelphpllncobkmimphfkckne
Klíč Smazáno : HKCU\Software\Classes\pokki
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Klíč Smazáno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Klíč Smazáno : HKCU\Software\Classes\Directory\shell\pokki
Klíč Smazáno : HKCU\Software\Classes\Drive\shell\pokki
Klíč Smazáno : HKCU\Software\Classes\lnkfile\shell\pokki
Klíč Smazáno : HKLM\SOFTWARE\Classes\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P04d4f164_9add_4e01_a0da_839663afbc23_.P04d4f164_9add_4e01_a0da_839663afbc23_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P3ac02af2_68a8_4057_9908_03be66948c93_.P3ac02af2_68a8_4057_9908_03be66948c93_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P413b661f_97a1_4e44_b94d_599992f53476_.P413b661f_97a1_4e44_b94d_599992f53476_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.P435f3f13_7ac7_48ba_b4ce_8116ec9b2d2e_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P78b50808_7311_4fa7_b8ed_cbb478119648_.P78b50808_7311_4fa7_b8ed_cbb478119648_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P78b50808_7311_4fa7_b8ed_cbb478119648_.P78b50808_7311_4fa7_b8ed_cbb478119648_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P949f033e_9b76_4621_8a82_a2bb650fcb62_.P949f033e_9b76_4621_8a82_a2bb650fcb62_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.P96d26a39_dfe4_42b5_bb9c_7a1831ad0e09_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pcb0b02b6_153b_4a65_85d7_36b89c1ff3d3_.Pcb0b02b6_153b_4a65_85d7_36b89c1ff3d3_
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pcb0b02b6_153b_4a65_85d7_36b89c1ff3d3_.Pcb0b02b6_153b_4a65_85d7_36b89c1ff3d3_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pd8691735_9b39_482a_8c80_51a51f2ba426_.Pd8691735_9b39_482a_8c80_51a51f2ba426_.9
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{78b50808-7311-4fa7-b8ed-cbb478119648}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{cb0b02b6-153b-4a65-85d7-36b89c1ff3d3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{3E52324B-66BF-44AE-A8C5-2DB48E90E729}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{40951615-F2E2-4855-9BB0-68F80D247514}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{6580C08D-FED3-41DE-95A2-EC319EECB9DB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{AEF2BB85-DF75-41E2-8366-FB89A5F869F9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78b50808-7311-4fa7-b8ed-cbb478119648}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb0b02b6-153b-4a65-85d7-36b89c1ff3d3}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78b50808-7311-4fa7-b8ed-cbb478119648}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{cb0b02b6-153b-4a65-85d7-36b89c1ff3d3}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d8691735-9b39-482a-8c80-51a51f2ba426}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91397D20-1446-11D4-8AF4-0040CA1127B6}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04d4f164-9add-4e01-a0da-839663afbc23}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ac02af2-68a8-4057-9908-03be66948c93}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{413b661f-97a1-4e44-b94d-599992f53476}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{435f3f13-7ac7-48ba-b4ce-8116ec9b2d2e}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{949f033e-9b76-4621-8a82-a2bb650fcb62}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96d26a39-dfe4-42b5-bb9c-7a1831ad0e09}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8691735-9b39-482a-8c80-51a51f2ba426}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\40C671E2F25CAAEB15B17A4EC4601DC4
Klíč Smazáno : HKCU\Software\Pokki
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{317D8BB4-16C3-CFBD-3777-AED69667DA46}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98449C67-C7AF-BB53-112D-26C916814611}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[nahd6ha2.default\prefs.js] - Řádek Smazáno : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");

-\\ Google Chrome v39.0.2171.95

[C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Extension] : cncgohepihcekklokhbhiblhfcmipbdh
[C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Extension] : gehngeifmelphpllncobkmimphfkckne

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [14526 bytů] - [25/04/2015 12:12:32]
AdwCleaner[R1].txt - [15751 bytů] - [10/05/2015 14:00:04]
AdwCleaner[S0].txt - [14119 bytů] - [10/05/2015 14:04:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14178 bytů] ##########

Zoek:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Eva on ne 10. 05. 2015 at 14:15:22,37.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eva\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10. 5. 2015 14:16:37 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Eva\AppData\Local\PackageStaging deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1042807274-120339670-2770079320-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-1042807274-120339670-2770079320-1002\Software\Microsoft\Internet Explorer\SearchScopes\{792E9EC8-4550-44B6-98EC-B40D8A504506} deleted successfully
HKEY_USERS\S-1-5-21-1042807274-120339670-2770079320-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_USERS\S-1-5-21-1042807274-120339670-2770079320-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{792E9EC8-4550-44B6-98EC-B40D8A504506} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{792E9EC8-4550-44B6-98EC-B40D8A504506} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fc67e7a0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0066981429818172mcinstcleanup deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Dr.Web Anti-Virus Link Checker deleted
C:\PROGRA~2\Markdown Preview deleted
C:\PROGRA~2\PhotoLive Download Facebook Photos deleted
C:\PROGRA~2\PlayIt on XBMC deleted
C:\PROGRA~2\Red Ball deleted
C:\PROGRA~2\Share with Facebook Twitter Google Email deleted
C:\PROGRA~2\Tv exe deleted
C:\PROGRA~3\10052615119171609098 deleted
C:\Users\Public\Pokki deleted
C:\Users\Eva\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk deleted
C:\PROGRA~3\DigiCOOuppon deleted
C:\PROGRA~3\EXstraaCouPon deleted
C:\PROGRA~3\The AdBlocker deleted
C:\PROGRA~3\AllCheapPPrrice deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged deleted
"C:\Windows\Installer\279a50de.msi" deleted
"C:\Users\Eva\AppData\Roaming\Yandex\ui" deleted
"C:\Users\Eva\AppData\Roaming\Yandex" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"firefox@bho.com"="C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt" [08. 02. 2015 14:39]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pchfckkccldkbclgdepkaonamkignanh - No path found[]

Dr.Web Anti-Virus Link Checker - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb
Tv exe - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc
Dr.Web Anti-Virus Link Checker - Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aleggpabliehgbeagmfhnodcijcmbonb
Tv exe - Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc

==== Chromium Startpages ======================

C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences
"homepage": "http://www.search.ask.com/?gct=hp",
"homepage": "http://www.yandex.ru/?__PARAM__from=chromehp",
"homepage": "http://search.gboxapp.com/",
"startup_urls": [ "http://search.gboxapp.com/" ],

C:\Users\Eva\AppData\Roaming\Opera Software\Opera Stable\Preferences
{"quick_access_bar":{"visible":true},"homepage_is_newtabpage":false,"homepage":"http://www.seznam.cz/?clid=6826","session":{"startup_urls":["http://www.seznam.cz/?clid=6826"]},"browser":{"show_home_button":true}}


==== Chromium Fix ======================

C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_globaldeals.ebay.com_0.localstorage deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_globaldeals.ebay.com_0.localstorage-journal deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aleggpabliehgbeagmfhnodcijcmbonb deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_aleggpabliehgbeagmfhnodcijcmbonb_0.localstorage deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_aleggpabliehgbeagmfhnodcijcmbonb_0.localstorage-journal deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdlhhipklffkfcejimaapnhlnlmijnjc deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_hdlhhipklffkfcejimaapnhlnlmijnjc_0.localstorage deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_hdlhhipklffkfcejimaapnhlnlmijnjc_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSE1"
"Default_Page_URL"="http://www.google.com"
"First Home Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\fi]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ma]
@="http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\zb]
@="http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"First Home Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.msn.com/?pc=MSE1"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences_20150112200051.backup was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\Metro\User Data\Default\Preferences was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\Metro\User Data\Default\Preferences_20150112200051.backup was reset successfully
C:\Users\Eva\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences was reset successfully
C:\Users\Eva\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences was reset successfully
C:\Users\Eva\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Eva\AppData\Roaming\Opera Software\Opera Stable\Preferences_20150112200051.backup was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data.tmp was reset successfully
C:\Users\Eva\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data was reset successfully
C:\Users\Eva\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data-journal was reset successfully
C:\Users\Eva\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eva\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Eva\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\Eva\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6264 folders=211 305773962 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eva\AppData\Local\Temp will be emptied at reboot
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Eva\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on ne 10. 05. 2015 at 14:46:24,35 ======================

MBAM:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 10. 5. 2015
Čas skenování: 14:49:34
Protokol: mbam log1.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.10.03
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Eva

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 578172
Uplynulý čas: 1 hod, 49 min, 31 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 14
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{231a703d-1e40-4f65-8b83-67448e1b1b61}, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_.10, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_.10, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P231a703d_1e40_4f65_8b83_67448e1b1b61_.P231a703d_1e40_4f65_8b83_67448e1b1b61_.10, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{12681996-6c7c-447f-b902-d14cde53e910}, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_.10, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_.10, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P12681996_6c7c_447f_b902_d14cde53e910_.P12681996_6c7c_447f_b902_d14cde53e910_.10, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.NoMoreAds.A, C:\ProgramData\NoMore Ads, Do karantény, [7388741d13779c9a4c99407b63a08779],

Soubory: 32
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.dll.vir, Do karantény, [817a0c851c6e64d249656cd8c141fc04],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.exe.vir, Do karantény, [8378840d45458da9389a092a7b877d83],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AlleSuaaveer\R66NJqXyiR2cAZ.x64.dll.vir, Do karantény, [3bc048498901af87fab7281b9d65956b],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.dll.vir, Do karantény, [f902b7dadbafe254bfefcf7589799070],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DiegiSAverr\MVNYiFrbx2IOc7.x64.dll.vir, Do karantény, [54a73c55e6a43501ddd4e85b9b6759a7],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.dll.vir, Do karantény, [7a81434ebbcf78beb7f050fe40c2ae52],
PUP.Optional.Multiplug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DIgISSaaveR\IDWdcHUbqt4JpR.x64.dll.vir, Do karantény, [c932bfd21278cc6a3e796fcde71b0000],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DisCoUntEoxtenesi\0q7gJONf7hC54G.dll.vir, Do karantény, [6a91a5ecafdb69cdd1d6d47aaa585fa1],
PUP.Optional.Multiplug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DisCoUntEoxtenesi\0q7gJONf7hC54G.x64.dll.vir, Do karantény, [807b5839642673c310a785b7fa0842be],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FinndBestDoeal\oTRkgPmWlMwB7P.dll.vir, Do karantény, [e219ddb40c7edb5b72358ac44ab847b9],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FinndBestDoeal\oTRkgPmWlMwB7P.exe.vir, Do karantény, [9e5d96fb8dfd70c6f5dd39fa58aad030],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fun2Soaave\qO8B3W3QNWlI7O.dll.vir, Do karantény, [c239f29f256553e33a6dce80fc06e61a],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fun2Soaave\qO8B3W3QNWlI7O.exe.vir, Do karantény, [49b2f69b4644ea4c3b97a88bbb47bc44],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fun2Soaave\qO8B3W3QNWlI7O.x64.dll.vir, Do karantény, [c833a9e8ddad75c1e90df01ae620d12f],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.dll.vir, Do karantény, [47b4553cc4c614224b6351f34ab8ec14],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.exe.vir, Do karantény, [3fbc6d2493f7ad898c46e84be220e61a],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GrEEattSavoe4U\AUKWrubzYDhg6l.x64.dll.vir, Do karantény, [2fccfa976525b482feb3b192b151946c],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.dll.vir, Do karantény, [41ba1a77e0aa47ef01ad9ea6857d7987],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeiwSaveR\FyrrOCrY6QRevg.x64.dll.vir, Do karantény, [43b8deb30387c2747b36a59eff0318e8],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NNetoCouPon\NNetoCouPon.exe.vir, Do karantény, [fdfe61308307e74f488ad3605da514ec],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaverrExotensiiOn\SaverrExotensiiOn.exe.vir, Do karantény, [9c5fc8c9c8c21d19bc16bf74cd353dc3],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.dll.vir, Do karantény, [b04bf49da6e487af7e29d27c3cc6d32d],
PUP.Optional.Multiplug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\TakeTheCooupoN\9yUFCKbWGhyIwW.x64.dll.vir, Do karantény, [bf3c81102565b97d0aadca72f60c03fd],
Trojan.Brainwash, C:\AdwCleaner\Quarantine\C\Users\Eva\AppData\Roaming\SkypEmoticons\setup_forced.exe.vir, Do karantény, [1fdcb6db246626100b038be6857bac54],
PUP.Optional.Multiplug, C:\ProgramData\copaunk\bXzvisG8ZeL52N.x64.dll, Do karantény, [9467048da3e72313a0241c1a729022de],
PUP.Optional.MultiPlug.Uns, C:\ProgramData\NoMore Ads\NoMore Ads.exe, Do karantény, [18e3eea317737abc024c1a2d58abe917],
PUP.Optional.Multiplug, C:\ProgramData\taokeshhop\D8XppbytS8jgY6.x64.dll, Do karantény, [cb30dcb5345665d1b70dcf67b74b639d],
PUP.Optional.Multiplug.A, C:\zoek_backup\C_PROGRA~2_Dr.Web Anti-Virus Link Checker\Dr.Web Anti-Virus Link Checker.exe, Do karantény, [d12a019015753ef8587a9d9615edab55],
PUP.Optional.Multiplug.A, C:\zoek_backup\C_PROGRA~2_Tv exe\Tv exe.exe, Do karantény, [0af12d64870352e411c1ca69a75b50b0],
PUP.Optional.Multiplug, C:\zoek_backup\C_PROGRA~3_DigiCOOuppon\FzMbutWRHBwjpl.exe, Do karantény, [98637918622864d2f2802b0cdd26a55b],
PUP.Optional.Multiplug, C:\zoek_backup\C_PROGRA~3_DigiCOOuppon\FzMbutWRHBwjpl.x64.dll, Do karantény, [c338454c5a30ec4a6163d2647989c43c],
PUP.Optional.MultiPlug.Uns, C:\zoek_backup\C_PROGRA~3_The AdBlocker\The AdBlocker.exe, Do karantény, [47b45c350189e5517bd340078c77748c],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Orcus]

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[BulletRide]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 8.1 x64
Ran by Eva on po 11. 05. 2015 at 21:44:22,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1042807274-120339670-2770079320-1002
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1042807274-120339670-2770079320-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1725350855-1927001909-1276192757-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2941822112-1650152677-2295881183-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-618455115-2753438545-4271841683-500



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\taokeshhop





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 11. 05. 2015 at 21:47:52,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



RogueKiller V10.6.3.0 (x64) [May 11 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Eva [Práva správce]
Started from : C:\Users\Eva\Downloads\RogueKillerX64.exe
Mód : Prohledat -- Datum : 05/11/2015 22:01:08

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Nalezeno
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5EF3A28C-64C8-405A-B9B2-88E20289FDD3} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5EF3A28C-64C8-405A-B9B2-88E20289FDD3} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM000-1EJ16 SATA Disk Device +++++
--- User ---
[MBR] 78e4f5297d8dd1238b217eda3a7aebce
[BSP] 6e1f41badf59e7e61e6c706bf05e7b7c : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 650 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1333248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1865728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2127872 | Size: 456700 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 937449472 | Size: 19196 MB
User = LL1 ... OK
User = LL2 ... OK

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vlož nový log z HJT + informuj o problémech.

[BulletRide]

Jedu přes TeamViewer, takže rychlost nepoznám, reklamy jsou pryč a majitelka si nestěžuje. Ještě pustím defragmentaci :)

RogueKiller V10.6.3.0 (x64) [May 11 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Eva [Práva správce]
Started from : C:\Users\Eva\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 05/12/2015 22:31:12

¤¤¤ Procesy : 1 ¤¤¤
[Suspicious.Path] explorer.exe(4388) -- C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\27869libfoxloader-x64.dll[-] -> Uvolněno

¤¤¤ Registry : 10 ¤¤¤
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Smazáno
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Smazáno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5EF3A28C-64C8-405A-B9B2-88E20289FDD3} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5EF3A28C-64C8-405A-B9B2-88E20289FDD3} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM000-1EJ16 SATA Disk Device +++++
--- User ---
[MBR] 78e4f5297d8dd1238b217eda3a7aebce
[BSP] 6e1f41badf59e7e61e6c706bf05e7b7c : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 650 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1333248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1865728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2127872 | Size: 456700 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 937449472 | Size: 19196 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_05112015_220108.log - RKreport_SCN_05122015_222919.log

[jerabina]

Na defragmentaci mohu vřele doporučit program Defraggler

Vlož sem prosím ještě nový log z HJT ať případně dočistíme

[BulletRide]

Ano, jiný program nepoužívám
Omlouvám se, zapomněl jsem :)

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:55:39, on 12. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)


Boot mode: Normal

Running processes:
c:\program files (x86)\teamviewer\TeamViewer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Eva\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Users\Eva\Downloads\HijackThis.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Eva\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem19.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10642 bytes

[jerabina]

V pořádku, mohu se ještě zeptat? Je nutné, aby se při startu počítače spouštěl Skype nebo ho mám vypnout?

[BulletRide]

Nutné. Je to NTB 16ti leté holky. Té to člověk nevysvětlí :) Děkuji moc za pomoc :)