Prosím o kontrolu logu

myschel · Příspěvekod **myschel** » 10 črc 2015 22:02

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:59, on 10.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Michal\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RiightOffFerAApp - {7DA8D11A-EB5D-4183-B5B4-757538C0821D} - C:\Program Files (x86)\RiightOffFerAApp\Lz1lsEoeJo9Qrb.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3903136994-2275215349-783814558-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3903136994-2275215349-783814558-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Enlightened Religion - Unknown owner - C:\Users\Michal\AppData\Roaming\Enlightened Religion\Enlightened Religion.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: Mysterious Essay - Unknown owner - C:\Program Files (x86)\Mysterious Essay\Mysterious Essay.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Solver for Flow Simulation 2013 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12864 bytes

Reklama

Příspěvekod **jerabina** » 10 črc 2015 22:05

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

myschel · Příspěvekod **myschel** » 10 črc 2015 22:27

Log po sken AdwClener

# AdwCleaner v4.208 - Log vytvořen 10/07/2015 v 22:21:56
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-10.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Michal - MICHAL-MSI
# Spuštěno z : C:\Users\Michal\Desktop\AdwCleaner.exe
# Nastavení : Sken

***** [ Služby ] *****

Služba Nalezeno : WindowsMangerProtect
Služba Nalezeno : ec9c17f1

***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Program Files (x86)\AlLSaver
Složka Nalezeno : C:\Program Files (x86)\Ge-Force
Složka Nalezeno : C:\Program Files (x86)\miuitab
Složka Nalezeno : C:\Program Files (x86)\NaetoCouPon
Složka Nalezeno : C:\Program Files (x86)\NeeTOCCouponn
Složka Nalezeno : C:\Program Files (x86)\NettooCouppon
Složka Nalezeno : C:\Program Files (x86)\PricueLess
Složka Nalezeno : C:\Program Files (x86)\RiightOffFerAApp
Složka Nalezeno : C:\Program Files (x86)\SavENEwaAoppz
Složka Nalezeno : C:\Program Files (x86)\SaveoNewiaAppuz
Složka Nalezeno : C:\Program Files (x86)\SavveNewwaApppz
Složka Nalezeno : C:\Program Files (x86)\SoftwarePlus
Složka Nalezeno : C:\Program Files (x86)\TakeTeheeCoupon
Složka Nalezeno : C:\Program Files (x86)\TakeThECoouupOn
Složka Nalezeno : C:\ProgramData\{20f26719-39f3-b413-20f2-2671939f9c64}
Složka Nalezeno : C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}
Složka Nalezeno : C:\ProgramData\apn
Složka Nalezeno : C:\ProgramData\IHProtectUpDate
Složka Nalezeno : C:\ProgramData\WindowsMangerProtect
Složka Nalezeno : C:\Users\Michal\AppData\Local\globalUpdate
Složka Nalezeno : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle
Složka Nalezeno : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll
Složka Nalezeno : C:\Users\Michal\AppData\Local\RegistryDr
Složka Nalezeno : C:\Users\Michal\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\Public\Documents\ShopperPro
Soubor Nalezeno : C:\Program Files\Common Files\System\SysMenu.dll
Soubor Nalezeno : C:\Program Files\Common Files\System\SysMenu64.dll
Soubor Nalezeno : C:\windows\Reimage.ini

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : RegistryDr_Popup
Úloha Nalezeno : RegistryDr_Start
Úloha Nalezeno : amiupdaterExd
Úloha Nalezeno : amiupdaterExi
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-1-6
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-1-7
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-10_user
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-5
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-5_user
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-6
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-7
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-1-6
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-1-7
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-5
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-5_user
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-6
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-7
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-1-6
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-1-7
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-10_user
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-5
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-5_user
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-6
Úloha Nalezeno : 22832088-d5aa-444b-ab85-814c1d12efd4-7
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-1-6
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-1-7
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-5
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-5_user
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-6
Úloha Nalezeno : 78effe3a-26bd-4c71-a338-d019452ecaac-7

***** [ Zástupci ] *****

***** [ Registry ] *****

Data Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Nalezeno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... M7210M7210
Hodnota Nalezeno : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Klíč Nalezeno : HKCU\Software\APN PIP
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Nalezeno : HKCU\Software\GlobalUpdate
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{20B6B656-DE74-4422-8035-BAE833290B4F}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2624DEF9-8846-4443-8411-13438449F1F7}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{36B61973-3BF3-439C-9213-AF8BBE63FDC4}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{43E109A1-E497-47FF-84F0-B39196D28F79}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{567D4202-D25B-430F-809E-96D794AF1D58}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{76EF6A69-98B6-4317-9CFA-49D9B11CB570}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{80A93AB0-E114-4E52-8C4F-EF99B7E27B9A}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BCD6349-6CAA-4463-8C81-11CA6AC076BC}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9BCB10E-6F97-4A70-88F4-CBC46E2DF365}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7FD02E8-5D35-4D70-A30F-DD3A256FA228}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4646332D-5350-006A-76A7-7A786E7484D7}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4646332D-5350-006A-76A7-7A786E7484D7}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKCU\Software\RegistryDrLanguage
Klíč Nalezeno : HKCU\Software\Reimage
Klíč Nalezeno : HKCU\Software\reimagerepair
Klíč Nalezeno : HKCU\Software\simplytech
Klíč Nalezeno : HKCU\Software\Simplytech\HomeTab
Klíč Nalezeno : HKCU\Software\TNT2
Klíč Nalezeno : [x64] HKCU\Software\APN PIP
Klíč Nalezeno : [x64] HKCU\Software\GlobalUpdate
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{20B6B656-DE74-4422-8035-BAE833290B4F}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2624DEF9-8846-4443-8411-13438449F1F7}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{36B61973-3BF3-439C-9213-AF8BBE63FDC4}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{43E109A1-E497-47FF-84F0-B39196D28F79}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{567D4202-D25B-430F-809E-96D794AF1D58}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{76EF6A69-98B6-4317-9CFA-49D9B11CB570}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{80A93AB0-E114-4E52-8C4F-EF99B7E27B9A}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BCD6349-6CAA-4463-8C81-11CA6AC076BC}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9BCB10E-6F97-4A70-88F4-CBC46E2DF365}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7FD02E8-5D35-4D70-A30F-DD3A256FA228}
Klíč Nalezeno : [x64] HKCU\Software\RegistryDrLanguage
Klíč Nalezeno : [x64] HKCU\Software\Reimage
Klíč Nalezeno : [x64] HKCU\Software\reimagerepair
Klíč Nalezeno : [x64] HKCU\Software\simplytech
Klíč Nalezeno : [x64] HKCU\Software\Simplytech\HomeTab
Klíč Nalezeno : [x64] HKCU\Software\TNT2
Klíč Nalezeno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Nalezeno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Nalezeno : HKLM\SOFTWARE\1409ccbe-748d-4256-8d11-249feeb8ae12
Klíč Nalezeno : HKLM\SOFTWARE\16da4a09-ed87-4eae-96ef-57b0e63d3feb
Klíč Nalezeno : HKLM\SOFTWARE\85d74a14-e305-47aa-938b-1c36fda3a478
Klíč Nalezeno : HKLM\SOFTWARE\93a60524-66ff-4040-8ab2-429c3d4d4fce
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_
Klíč Nalezeno : HKLM\SOFTWARE\Classes\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.9
Klíč Nalezeno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{04A0F1FA-CF83-4ECD-9F68-D94D3F8A7622}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{A1965763-A486-4E1E-B574-19E44B3842E8}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Nalezeno : HKLM\SOFTWARE\ec0b9a97-0eb6-b1aa-058e-501f053e9119
Klíč Nalezeno : HKLM\SOFTWARE\GlobalUpdate
Klíč Nalezeno : HKLM\SOFTWARE\IHProtect
Klíč Nalezeno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ec9c17f1}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{317D8BB4-16C3-CFBD-3777-AED69667DA46}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{60EACF28-3304-CDE7-8F98-5992F85D389C}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKLM\SOFTWARE\searchult
Klíč Nalezeno : HKLM\SOFTWARE\SupDp
Klíč Nalezeno : HKLM\SOFTWARE\SupTab
Klíč Nalezeno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Reimage
Klíč Nalezeno : [x64] HKLM\SOFTWARE\ShopperPro
Klíč Nalezeno : HKU\.DEFAULT\Software\AskPartnerNetwork

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page] - hxxp://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}

-\\ Google Chrome v43.0.2357.132

*************************

AdwCleaner[R0].txt - [17572 bytů] - [10/07/2015 22:21:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [17631 bytů] ##########

Díky za radu

myschel · Příspěvekod **myschel** » 10 črc 2015 22:51

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.7.2015
Čas skenování: 22:33
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.10.06
Databáze rootkitů: v2015.07.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Michal

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 391176
Uplynulý čas: 12 min, 25 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1720, , [ab7317c94743e5514f1d3030a3622ed2]
Trojan.QQpass, C:\Users\Michal\AppData\Roaming\Enlightened Religion\Enlightened Religion.exe, 3264, , [130beef2e1a981b53a0a338af8098f71]

Moduly: 1
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SoftwarePlus\SoftwarePlus.dll, , [908e6c743e4c2a0c1d5d12893ec3af51],

Klíče registru: 100
PUP.Optional.WProtectManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [ab7317c94743e5514f1d3030a3622ed2],
Trojan.QQpass, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Enlightened Religion, , [130beef2e1a981b53a0a338af8098f71],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.9, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.9, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.9, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}\INPROCSERVER32, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.VMNToolBar.A, HKLM\SOFTWARE\CLASSES\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}, , [0e10ce121b6fab8b1f3703b8b64c2ad6],
PUP.Optional.VMNToolBar.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}, , [0e10ce121b6fab8b1f3703b8b64c2ad6],
PUP.Optional.VMNToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}, , [0e10ce121b6fab8b1f3703b8b64c2ad6],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, , [30ee7e62345681b56f5557664eb4cf31],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, , [30ee7e62345681b56f5557664eb4cf31],
PUP.Optional.LuckyTab.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [8d91b42cbecca3939c436d0f32d09b65],
PUP.Optional.LuckyTab.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [8d91b42cbecca3939c436d0f32d09b65],
PUP.Optional.MySearchTB.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62155D33-3CE2-401E-8967-5A270628A3D5}, , [d44a0fd1d6b4e650777d7d4044be39c7],
PUP.Optional.MySearchTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62155D33-3CE2-401E-8967-5A270628A3D5}, , [d44a0fd1d6b4e650777d7d4044be39c7],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C5CA91B2-6518-8029-1AC2-E73D213FE1B5}, , [9d810fd10c7ea19572c83248a55c8878],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7304C9D1-98AD-55F0-636E-22D8DD57F176}, , [c15de7f9a0ea59dd48f20c6e61a04ab6],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{60EACF28-3304-CDE7-8F98-5992F85D389C}, , [f32b30b02763d95d7cbe6f0b0001d22e],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4B7F06A6-CDE6-45C1-A22E-CBD2C7F03309}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4EEB251A-47F6-4C51-8524-999E6DCE9594}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9AFF75CE-8D3F-4245-A616-52C2570CC00B}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E787F4E7-0A49-4311-8608-FCEE25B742D0}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4B7F06A6-CDE6-45C1-A22E-CBD2C7F03309}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4EEB251A-47F6-4C51-8524-999E6DCE9594}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9AFF75CE-8D3F-4245-A616-52C2570CC00B}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E787F4E7-0A49-4311-8608-FCEE25B742D0}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4B7F06A6-CDE6-45C1-A22E-CBD2C7F03309}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4EEB251A-47F6-4C51-8524-999E6DCE9594}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9AFF75CE-8D3F-4245-A616-52C2570CC00B}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E787F4E7-0A49-4311-8608-FCEE25B742D0}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\Ge-Force-nv, , [2df1835dbad0ca6c63b4136fc1438878],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [c658bf21107a043249bc137b09fb649c],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [2cf2a23ea4e6b77f0710b8ca768e6997],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [c9554e927317c274b3c14cc6db2811ef],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [30ee439d206a42f4feba2afc6b98e61a],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [e836fce4d5b59e98ee631760f80c718f],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [bc62b92790facc6aa8de7191838060a0],
PUP.Optional.MyStartToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${IEUTILSLIGHTELEVATIONPOLICYID}, , [e43a558bc1c9072f662ab2daf0147987],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [39e59d43e2a8e74f50074dbf19ead927],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [fd21667adbaf72c4272f4dbf35cee51b],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [011dd10fe9a13ff721bbdf3add261ee2],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [4ad44c94048651e5f065828a986b916f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ec9c17f1}, , [7ba3bc248efc9b9b41197f0d49bbec14],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [da44ac34cfbbd36336cf4b43887cae52],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [7aa424bc197177bf0549ba6b0102d62a],
PUP.Optional.SoftwarePlus.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ec9c17f1, , [2df129b7c8c2fe388503ca3dc63d8d73],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [77a7ae321674ec4aa49b67281fe5f30d],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [839bc61a701af73f9a890715af548779],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, , [fc226f710486b383b61a14ec7f8440c0],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [31ed22bec7c3da5c4dcbe89a976d7987],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, , [38e65789c0caa096a078047eb64e639d],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-18\SOFTWARE\Internet Speed Checker-nv, , [56c82eb23951ca6cc910cc3e897a52ae],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-18\SOFTWARE\Internet Speed Checker-nv-ie, , [a5795789b8d268cedaff9179897a639d],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv, , [b36b5c841a702214e357fa2d3bc8c63a],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv-ie, , [5ac49c44593184b2300a8a9d917202fe],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv, , [0f0fde025f2b35019d0d2d55897bb24e],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv-ie, , [011da43cfe8c3402604ab7cb0bf907f9],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [df3f30b0f89275c103bc6424c93b58a8],
PUP.Optional.GeForce.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\Ge-Force-nv-ie, , [1a043ba595f5ab8b8b8d50329470cf31],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\Internet Speed Checker-nv-ie, , [39e5a53bf09ab086835610fad72ca858],
PUP.Optional.SavePass.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\SavePass 1.1-nv-ie, , [c25cf6eab3d7d660cf6b909747bcb44c],
PUP.Optional.Sense.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\Sense-nv-ie, , [948a8d53c5c5e55108a26e1419eb9769],
PUP.Optional.TNT.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\TNT2, , [a27c7769187282b456addd3118eb43bd],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [5dc1a43c6a2049ed49e08ee2966e35cb],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [3be335abdeac3105674218ec758ec040],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [180605db800aa096a569790b897b6997],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, , [a67858882c5ede586ea0b6ce7a8a0000],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B6B656-DE74-4422-8035-BAE833290B4F}, , [07178c54d7b384b23dd1c7bd23e12cd4],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2624DEF9-8846-4443-8411-13438449F1F7}, , [c25cb12f4c3e78be050973110afa5aa6],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{36B61973-3BF3-439C-9213-AF8BBE63FDC4}, , [b46acf110c7ee65097771f65f3116799],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}, , [4cd2924eacde00368688acd840c4d32d],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{43E109A1-E497-47FF-84F0-B39196D28F79}, , [0a1410d0533743f33bd3067e9c68ac54],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{567D4202-D25B-430F-809E-96D794AF1D58}, , [0c123aa6bad0c67059b585ff030119e7],
PUP.Optional.Ask.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{76EF6A69-98B6-4317-9CFA-49D9B11CB570}, , [29f5ae32325868ce97f8f29c5aaa2dd3],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{80A93AB0-E114-4E52-8C4F-EF99B7E27B9A}, , [60bede02b5d51125db332f55b64ee61a],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BCD6349-6CAA-4463-8C81-11CA6AC076BC}, , [f12d845c5238a88e23eba6debd47b24e],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B9BCB10E-6F97-4A70-88F4-CBC46E2DF365}, , [e23c617f1278092d0806ee96966ee020],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C}, , [c658895795f561d536d881038c784cb4],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, , [cd51bf21e1a965d18688f98b23e11de3],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F7FD02E8-5D35-4D70-A30F-DD3A256FA228}, , [b46abc246624ad89010d780cf1139d63],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [d648964a1674f046ec1167a1b94a6b95],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [df3f7c646a20cd69e31b9474e2214db3],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [ea3432ae6e1c2d0948b79e6aad56e11f],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [a97512ce4a40a98d90c1b6d2f0149967],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [1a04da063c4eb0869c647e8bbf44b947],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [f92507d995f59d99a35ee029af542dd3],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\SIMPLYTECH\HomeTab, , [ce50746c701a68ce8ec764e126dd0000],

Hodnoty registru: 23
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [c658bf21107a043249bc137b09fb649c]
PUP.Optional.MyStartToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${IEUTILSLIGHTELEVATIONPOLICYID}|AppPath, C:\Program Files (x86)\mystarttb, , [e43a558bc1c9072f662ab2daf0147987]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [da44ac34cfbbd36336cf4b43887cae52]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, obw, , [7aa424bc197177bf0549ba6b0102d62a]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [3be335abdeac3105674218ec758ec040]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [180605db800aa096a569790b897b6997]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [a67858882c5ede586ea0b6ce7a8a0000]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.istartsurf.com//favicon.ico, , [fc22ce12bcce1323907e6e16cb39ce32]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B6B656-DE74-4422-8035-BAE833290B4F}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [07178c54d7b384b23dd1c7bd23e12cd4]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2624DEF9-8846-4443-8411-13438449F1F7}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [c25cb12f4c3e78be050973110afa5aa6]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{36B61973-3BF3-439C-9213-AF8BBE63FDC4}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [b46acf110c7ee65097771f65f3116799]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [4cd2924eacde00368688acd840c4d32d]
PUP.Optional.MyStart.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}|TopResultURL, http://www.mystart.com/results.php?gen= ... ch_5224&q={searchTerms}, , [8b93429e5733d85eae6e53318c787987]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{43E109A1-E497-47FF-84F0-B39196D28F79}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [0a1410d0533743f33bd3067e9c68ac54]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{567D4202-D25B-430F-809E-96D794AF1D58}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [0c123aa6bad0c67059b585ff030119e7]
PUP.Optional.Ask.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{76EF6A69-98B6-4317-9CFA-49D9B11CB570}|SuggestionsURL_JSON, http://ss.websearch.ask.com/query?li=ff ... =prefix&q={searchTerms}, , [29f5ae32325868ce97f8f29c5aaa2dd3]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{76EF6A69-98B6-4317-9CFA-49D9B11CB570}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [b46aba264644280e38d687fdef15d12f]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{80A93AB0-E114-4E52-8C4F-EF99B7E27B9A}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [60bede02b5d51125db332f55b64ee61a]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BCD6349-6CAA-4463-8C81-11CA6AC076BC}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [f12d845c5238a88e23eba6debd47b24e]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B9BCB10E-6F97-4A70-88F4-CBC46E2DF365}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [e23c617f1278092d0806ee96966ee020]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [c658895795f561d536d881038c784cb4]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [cd51bf21e1a965d18688f98b23e11de3]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F7FD02E8-5D35-4D70-A30F-DD3A256FA228}|URL, http://www.istartsurf.com/web/?utm_sour ... default&q={searchTerms}, , [b46abc246624ad89010d780cf1139d63]

Data registru: 9
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... M7210M7210, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... M7210M7210),,[de4050904c3e50e69a67d34f0005f50b]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}),,[c35b03ddb2d83ff7b10bd14f23e2e917]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}),,[8b93f4ec7c0e43f325970e12b84d25db]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... M7210M7210, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... M7210M7210),,[3ae4548c741683b33cc5fb273dc82cd4]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}),,[75a9eaf6f59589ad10ac89975da821df]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... 10M7210&q={searchTerms}),,[a27c48985634af87f0cc50d0e91cdd23]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}),,[25f9e8f8c8c25adcc5f5cc54b055f40c]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=dsp ... 10M7210&q={searchTerms}),,[b668a23e4149ca6cdedc9f81e52028d8]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3903136994-2275215349-783814558-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|First Home Page, http://go.microsoft.com/fwlink/?LinkID= ... 0&OHP=httpŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]ADobré: (www.google.com)FDobré: (www.google.com)Fwww.istartsurf.comDobré: (www.google.com)FŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]FtypeŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]Dhppp%26tsŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]D1435258100%26zŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]Ddd073a0e4d6595dbac5e491g5z4c9weofw3b7gbecz%26fromŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]Dobw%26uidŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]DWDCXWD5000BPKTDobré: (www.google.com)D22PK4T0%5FWDDobré: (www.google.com)DWX71A81M7210M7210&OSP=httpŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]ADobré: (www.google.com)FDobré: (www.google.com)Fwww.istartsurf.comDobré: (www.google.com)FwebDobré: (www.google.com)FŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]FtypeŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]Ddspp%26tsŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]D1435258100%26zŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]Ddd073a0e4d6595dbac5e491g5z4c9weofw3b7gbecz%26fromŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]Dobw%26uidŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]DWDCXWD5000BPKTDobré: (www.google.com)D22PK4T0%5FWDDobré: (www.google.com)DWX71A81M7210M7210%26qŠpatné: (http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D),,[c9552db3e8a2fb3b00baef31f90c0ef2]D%7BsearchTerms%7D, %4, %5

Složky: 48
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle\131, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll\1.1, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.Multiplug.Gen, C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}, , [d44a29b756340c2a8301c9bc1aeae719],
PUP.Optional.NetCoupon.A, C:\Program Files (x86)\NaetoCouPon, , [8d9169770f7b999d48e0e0a608fc0000],
PUP.Optional.NetCoupon.A, C:\Program Files (x86)\NeeTOCCouponn, , [46d814ccf397a19536f2fe88af5543bd],
PUP.Optional.PriceLess.A, C:\Program Files (x86)\PricueLess, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.SaveNewAppz.A, C:\Program Files (x86)\SavENEwaAoppz, , [8a94439df69438fec38adda905ffc040],
PUP.Optional.SaveNewAppz.A, C:\Program Files (x86)\SaveoNewiaAppuz, , [41dd38a805853bfb9ab35d29768e916f],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlLSaver, , [3be3ffe1d8b23204a3d7731480844eb2],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeThECoouupOn, , [15091fc18802f73f14cb5a2dbf457a86],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy, , [130b18c80f7bea4c75025e7005fd837d],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\4E386768A6AD4B798B44A81A868A043D, , [130b18c80f7bea4c75025e7005fd837d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [aa74fce4f09a340274cca23e7d857d83],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [aa74fce4f09a340274cca23e7d857d83],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force, , [34ea6f7191f9e6501b8e5f82c2408a76],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [0d11538da6e4a1951e289d572bd7b947],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [0d11538da6e4a1951e289d572bd7b947],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [ed31e1ff3456c76f998ffbff47bb649c],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [ed31e1ff3456c76f998ffbff47bb649c],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, , [f42a19c7acde3303943708f51ae8a55b],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\image, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW, , [a5797a66a5e5cd69f558609eae54dd23],

myschel · Příspěvekod **myschel** » 10 črc 2015 22:51

Soubory: 160
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [ab7317c94743e5514f1d3030a3622ed2],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SoftwarePlus\SoftwarePlus.dll, , [908e6c743e4c2a0c1d5d12893ec3af51],
Trojan.QQpass, C:\Users\Michal\AppData\Roaming\Enlightened Religion\Enlightened Religion.exe, , [130beef2e1a981b53a0a338af8098f71],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\RiightOffFerAApp\Lz1lsEoeJo9Qrb.x64.dll, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\RiightOffFerAApp\Lz1lsEoeJo9Qrb.dll, , [1e0058881d6d72c47c6a3c8049b8b848],
PUP.Optional.Multiplug, C:\ProgramData\{20f26719-39f3-b413-20f2-2671939f9c64}\4485794576891959512b.exe, , [7ba3e1ffbad079bdc9822a9514ed25db],
PUP.Optional.Downloader.A, C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}\download.exe, , [a37b855b4d3ddf570c2e5b319a6739c7],
PUP.Optional.Nova.A, C:\Program Files (x86)\62f94372-7f00-42e5-8692-0cafe9b09f0e\161e3e51-2904-4dfc-a224-73d2cbb8f5b2.dll, , [57c736aa117939fd50b21f3ada27dd23],
PUP.Optional.Nova.A, C:\Program Files (x86)\62f94372-7f00-42e5-8692-0cafe9b09f0e\25d7037e-8392-47fd-92fe-87480a7278fe.dll, , [ac726a76dcaeaa8cae54c49524ddd927],
PUP.Optional.Crossrider, C:\Program Files (x86)\62f94372-7f00-42e5-8692-0cafe9b09f0e\3f8c1541-bdb7-4777-a990-416960ed76a1.dll, , [bb63548c642646f08df3f2ba26dbb749],
PUP.Optional.Crossrider, C:\Program Files (x86)\62f94372-7f00-42e5-8692-0cafe9b09f0e\62f94372-7f00-42e5-8692-0cafe9b09f0e.dll, , [d14d7f612e5c89ad364ae5c742bf2bd5],
PUP.Optional.Nova.A, C:\Program Files (x86)\84cab385-2fb9-4941-927a-e8f48ed14c0b\07ca2446-0332-49b8-8fff-9573f1e18c5d.dll, , [011d538d890146f009f91e3b27dad12f],
PUP.Optional.Crossrider, C:\Program Files (x86)\84cab385-2fb9-4941-927a-e8f48ed14c0b\84cab385-2fb9-4941-927a-e8f48ed14c0b.dll, , [db4367792b5f49edb6caaffd0cf5b749],
PUP.Optional.Crossrider, C:\Program Files (x86)\84cab385-2fb9-4941-927a-e8f48ed14c0b\93e6b93e-c402-4102-afc3-ed335931acee.dll, , [c35bfae6c5c50b2b83fd4864c23fce32],
PUP.Optional.Nova.A, C:\Program Files (x86)\84cab385-2fb9-4941-927a-e8f48ed14c0b\b2ccf3f3-67e0-4630-b094-77838da2aeb8.dll, , [1905538d028875c14cb6a9b05ba69769],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\AlLSaver\3BP5TyKzGnVXf1.exe, , [9d81d907c6c4211563d7027800013ec2],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\AlLSaver\timVLobzvydacZ.exe, , [ed3114cc365445f11a205822f011649c],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Cite This For Me Web Citer\Cite This For Me Web Citer.exe, , [9d810fd10c7ea19572c83248a55c8878],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, , [45d9cf118dfd6fc75af60016db2a867a],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, , [c9552ab6cbbfd0664e02d44244c152ae],
PUP.Optional.SearchProtect, C:\Program Files (x86)\MiuiTab\BrowserAction.dll, , [4ad44b9579111d197f8c7e0d88793bc5],
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, , [100effe1d8b2d85ebd6194c709f8867a],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\NettooCouppon\NettooCouppon.exe, , [76a8edf32b5f53e3fa4097e3e0218080],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\No Scroll Bars Please\No Scroll Bars Please.exe, , [140a6b7595f5033304363f3b00016d93],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\PricueLess\aZzVpFwlfpL5kD.exe, , [9886c21e9af00d29bb006730e21f6898],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Invite All\Invite All.exe, , [c15de7f9a0ea59dd48f20c6e61a04ab6],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\RiightOffFerAApp\Lz1lsEoeJo9Qrb.exe, , [f32b30b02763d95d7cbe6f0b0001d22e],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\SavENEwaAoppz\bpqtVs0Flvr9W2.exe, , [7da1914f5238350138023347c1402cd4],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\SaveoNewiaAppuz\PtaPxSa3LfsCGD.exe, , [e73704dc5d2d14229b9ff38760a1748c],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\SavveNewwaApppz\SavveNewwaApppz.exe, , [d747e4fc0c7e2f0707334a3052af6c94],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\TakeTeheeCoupon\TakeTeheeCoupon.exe, , [ec32f9e73e4ce452d4662852867bc43c],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\TakeThECoouupOn\zjeFQbicMtYtBT.exe, , [8b932cb46f1b3afc4bef7604fb065ca4],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\22832088-d5aa-444b-ab85-814c1d12efd4-64.exe, , [cd51ab354743ea4c6ef592f132cf8f71],
PUP.Optional.OpenCandy, C:\Users\Michal\Downloads\CheatEngine64.exe, , [ec32fbe59feb1224fcab2b84ad54e21e],
PUP.Optional.AppDataFR.A, C:\Users\Michal\AppData\Roaming\appdataFr25.bin, , [dc4227b948420432c027ca358979d52b],
PUP.Optional.AppDataFR.A, C:\Users\Michal\AppData\Roaming\appdataFr2.bin, , [54ca568a652586b00bddcb34837f837d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-1-6, , [fb239b45a3e71422963729026f94b64a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-1-7, , [33eb469a7a107eb87756df4c2ed54fb1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-10_user, , [190537a90387ad894f7e111a08fbec14],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-5, , [e638e5fbb8d287af13ba6cbf669d8080],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-5_user, , [e638d20e3357a78f00cd51da8a79a35d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-6, , [65b94d9368224de9bf0ee744798a8080],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-7, , [57c7da061c6eeb4be8e575b610f38f71],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-1-6, , [62bc4d937f0b90a6cb02a7849c67ed13],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-1-7, , [3ee0c51b6327d165b914ea41d03335cb],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-5, , [cb5348982c5e5cda5677f437b84bd729],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-5_user, , [28f6657b3d4da78f7a53f734a55eaf51],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-6, , [1b033ca4652569cd6c61a08b2ad90ff1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-7, , [1fffe3fd9deda096f9d4f63520e3837d],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-1-6.job, , [b46a4b95aedcf04614b384f3b054a45c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-1-7.job, , [55c9766a6624c96d9433ea8db054bf41],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-10_user.job, , [948a1dc34e3c6dc9596e84f30bf956aa],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-5.job, , [45d9d60aa2e8e452c1061661eb19de22],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-5_user.job, , [021c766a8dfde4520fb8195e877dc13f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-6.job, , [23fb3ba586042b0b64632c4b0cf805fb],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\22832088-d5aa-444b-ab85-814c1d12efd4-7.job, , [70ae39a70d7d35011aade4937f85e818],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-1-6.job, , [2fefc41c5139b77fd8ef4136857ff808],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-1-7.job, , [b26cae32fa9051e58a3d1e595ba91be5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-5.job, , [51cdae3241495adc4f785e1936ce4db3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-5_user.job, , [0b132eb2bad09f97ffc899dea65ec739],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-6.job, , [5bc3a43ce7a3c86e4582cbac59ab2cd4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\78effe3a-26bd-4c71-a338-d019452ecaac-7.job, , [d6485e82e2a8f93d794ea6d115ef916f],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle\131\lsdb.js, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle\131\background.html, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle\131\content.js, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle\131\manifest.json, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle\131\Tp.js, , [0b1331afd0ba5adc4e335e27f80c847c],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll\1.1\lsdb.js, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll\1.1\background.html, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll\1.1\content.js, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll\1.1\manifest.json, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.MultiPlug.A, C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll\1.1\sCuQJWL45H.js, , [77a79f414c3e1b1b1968f88df50f8977],
PUP.Optional.Multiplug.Gen, C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}\download.dat, , [d44a29b756340c2a8301c9bc1aeae719],
PUP.Optional.Multiplug.Gen, C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}\1c0f233d2d1adf07, , [d44a29b756340c2a8301c9bc1aeae719],
PUP.Optional.Multiplug.Gen, C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}\d1f285680ace38d3, , [d44a29b756340c2a8301c9bc1aeae719],
PUP.Optional.NetCoupon.A, C:\Program Files (x86)\NaetoCouPon\B1nlTyH4n1wM4m.tlb, , [8d9169770f7b999d48e0e0a608fc0000],
PUP.Optional.NetCoupon.A, C:\Program Files (x86)\NaetoCouPon\B1nlTyH4n1wM4m.dat, , [8d9169770f7b999d48e0e0a608fc0000],
PUP.Optional.NetCoupon.A, C:\Program Files (x86)\NeeTOCCouponn\kXdpJwBINj1EDY.tlb, , [46d814ccf397a19536f2fe88af5543bd],
PUP.Optional.NetCoupon.A, C:\Program Files (x86)\NeeTOCCouponn\kXdpJwBINj1EDY.dat, , [46d814ccf397a19536f2fe88af5543bd],
PUP.Optional.PriceLess.A, C:\Program Files (x86)\PricueLess\aZzVpFwlfpL5kD.tlb, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.PriceLess.A, C:\Program Files (x86)\PricueLess\aZzVpFwlfpL5kD.dat, , [f42aeef24e3cdf575adc95f147bd8b75],
PUP.Optional.SaveNewAppz.A, C:\Program Files (x86)\SavENEwaAoppz\bpqtVs0Flvr9W2.tlb, , [8a94439df69438fec38adda905ffc040],
PUP.Optional.SaveNewAppz.A, C:\Program Files (x86)\SavENEwaAoppz\bpqtVs0Flvr9W2.dat, , [8a94439df69438fec38adda905ffc040],
PUP.Optional.SaveNewAppz.A, C:\Program Files (x86)\SaveoNewiaAppuz\PtaPxSa3LfsCGD.tlb, , [41dd38a805853bfb9ab35d29768e916f],
PUP.Optional.SaveNewAppz.A, C:\Program Files (x86)\SaveoNewiaAppuz\PtaPxSa3LfsCGD.dat, , [41dd38a805853bfb9ab35d29768e916f],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlLSaver\3BP5TyKzGnVXf1.tlb, , [3be3ffe1d8b23204a3d7731480844eb2],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlLSaver\3BP5TyKzGnVXf1.dat, , [3be3ffe1d8b23204a3d7731480844eb2],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlLSaver\timVLobzvydacZ.dat, , [3be3ffe1d8b23204a3d7731480844eb2],
PUP.Optional.AllSaver.A, C:\Program Files (x86)\AlLSaver\timVLobzvydacZ.tlb, , [3be3ffe1d8b23204a3d7731480844eb2],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeThECoouupOn\zjeFQbicMtYtBT.tlb, , [15091fc18802f73f14cb5a2dbf457a86],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeThECoouupOn\zjeFQbicMtYtBT.dat, , [15091fc18802f73f14cb5a2dbf457a86],
PUP.Optional.Multiplug.A, C:\Windows\System32\Tasks\Bidaily Synchronize Task[d492], , [57c77a665c2e39fd5c6b2e5deb19b54b],
PUP.Optional.Multiplug.A, C:\Windows\Tasks\Bidaily Synchronize Task[d492].job, , [5bc3825e7218ab8be4e4147729dbf40c],
PUP.Optional.OpenCandy, C:\Users\Michal\AppData\Roaming\OpenCandy\4E386768A6AD4B798B44A81A868A043D\PCTU-CS-1-day-2200632.exe, , [130b18c80f7bea4c75025e7005fd837d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [aa74fce4f09a340274cca23e7d857d83],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [ed31e1ff3456c76f998ffbff47bb649c],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\conf, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\install.data, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\searchProvider.xml, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\uninstall.exe, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about_bk.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn_apply.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\close.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf.xml, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf_back.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\input_bk.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\logo.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\main.xml, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_1.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_2.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\rigth_arrow.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\settings.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\data.html, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE.html, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE8.html, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\main.css, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\ver.txt, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\google_trends.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon128.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon16.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon48.png, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\loading.gif, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\logo32.ico, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\common.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\ga.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery-1.11.0.min.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.autocomplete.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.xdomainrequest.min.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\js.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\library.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit-ie8.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit2.0.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xdomain.min.js, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW\messages.json, , [a5797a66a5e5cd69f558609eae54dd23],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Prosím o radu co dále. Díky moc !

Příspěvekod **jerabina** » 10 črc 2015 22:53

No bordel tam je, né že ne

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

myschel · Příspěvekod **myschel** » 10 črc 2015 23:15

# AdwCleaner v4.208 - Log vytvořen 10/07/2015 v 23:11:16
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-10.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Michal - MICHAL-MSI
# Spuštěno z : C:\Users\Michal\Desktop\AdwCleaner.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : WindowsMangerProtect
[#] Služba Smazáno : ec9c17f1

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\ProgramData\{20f26719-39f3-b413-20f2-2671939f9c64}
Složka Smazáno : C:\ProgramData\{ca365526-1780-adbd-ca36-655261785498}
Složka Smazáno : C:\Users\Public\Documents\ShopperPro
Složka Smazáno : C:\Program Files (x86)\Ge-Force
Složka Smazáno : C:\Program Files (x86)\miuitab
Složka Smazáno : C:\Program Files (x86)\AlLSaver
Složka Smazáno : C:\Program Files (x86)\NaetoCouPon
Složka Smazáno : C:\Program Files (x86)\NeeTOCCouponn
Složka Smazáno : C:\Program Files (x86)\NettooCouppon
Složka Smazáno : C:\Program Files (x86)\PricueLess
Složka Smazáno : C:\Program Files (x86)\RiightOffFerAApp
Složka Smazáno : C:\Program Files (x86)\SavENEwaAoppz
Složka Smazáno : C:\Program Files (x86)\SaveoNewiaAppuz
Složka Smazáno : C:\Program Files (x86)\SavveNewwaApppz
Složka Smazáno : C:\Program Files (x86)\SoftwarePlus
Složka Smazáno : C:\Program Files (x86)\TakeTeheeCoupon
Složka Smazáno : C:\Program Files (x86)\TakeThECoouupOn
Složka Smazáno : C:\Users\Michal\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Michal\AppData\Local\RegistryDr
Složka Smazáno : C:\Users\Michal\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle
Složka Smazáno : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphahblhaakmimnmhlpckngfpkijfdll
Soubor Smazáno : C:\windows\Reimage.ini
Soubor Smazáno : C:\Program Files\Common Files\System\SysMenu.dll
Soubor Smazáno : C:\Program Files\Common Files\System\SysMenu64.dll

***** [ Naplánované úlohy ] *****

Úloha Smazáno : RegistryDr_Popup
Úloha Smazáno : RegistryDr_Start
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-1-6
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-1-7
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-10_user
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-5
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-5_user
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-6
Úloha Smazáno : 22832088-d5aa-444b-ab85-814c1d12efd4-7
Úloha Smazáno : 78effe3a-26bd-4c71-a338-d019452ecaac-1-6
Úloha Smazáno : 78effe3a-26bd-4c71-a338-d019452ecaac-1-7
Úloha Smazáno : 78effe3a-26bd-4c71-a338-d019452ecaac-5
Úloha Smazáno : 78effe3a-26bd-4c71-a338-d019452ecaac-5_user
Úloha Smazáno : 78effe3a-26bd-4c71-a338-d019452ecaac-6
Úloha Smazáno : 78effe3a-26bd-4c71-a338-d019452ecaac-7

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Hodnota Smazáno : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč Smazáno : HKLM\SOFTWARE\Classes\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.P7DA8D11A_EB5D_4183_B5B4_757538C0821D_.9
Klíč Smazáno : HKLM\SOFTWARE\1409ccbe-748d-4256-8d11-249feeb8ae12
Klíč Smazáno : HKLM\SOFTWARE\16da4a09-ed87-4eae-96ef-57b0e63d3feb
Klíč Smazáno : HKLM\SOFTWARE\85d74a14-e305-47aa-938b-1c36fda3a478
Klíč Smazáno : HKLM\SOFTWARE\93a60524-66ff-4040-8ab2-429c3d4d4fce
Klíč Smazáno : HKLM\SOFTWARE\ec0b9a97-0eb6-b1aa-058e-501f053e9119
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ec9c17f1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{04A0F1FA-CF83-4ECD-9F68-D94D3F8A7622}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{A1965763-A486-4E1E-B574-19E44B3842E8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4646332D-5350-006A-76A7-7A786E7484D7}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4646332D-5350-006A-76A7-7A786E7484D7}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DA8D11A-EB5D-4183-B5B4-757538C0821D}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{20B6B656-DE74-4422-8035-BAE833290B4F}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2624DEF9-8846-4443-8411-13438449F1F7}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{36B61973-3BF3-439C-9213-AF8BBE63FDC4}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{43E109A1-E497-47FF-84F0-B39196D28F79}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{567D4202-D25B-430F-809E-96D794AF1D58}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{76EF6A69-98B6-4317-9CFA-49D9B11CB570}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{80A93AB0-E114-4E52-8C4F-EF99B7E27B9A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BCD6349-6CAA-4463-8C81-11CA6AC076BC}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9BCB10E-6F97-4A70-88F4-CBC46E2DF365}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7FD02E8-5D35-4D70-A30F-DD3A256FA228}
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\RegistryDrLanguage
Klíč Smazáno : HKCU\Software\reimagerepair
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{317D8BB4-16C3-CFBD-3777-AED69667DA46}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{60EACF28-3304-CDE7-8F98-5992F85D389C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.132

*************************

AdwCleaner[R0].txt - [17866 bytů] - [10/07/2015 22:21:56]
AdwCleaner[R1].txt - [17925 bytů] - [10/07/2015 23:09:47]
AdwCleaner[S0].txt - [12716 bytů] - [10/07/2015 23:11:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12775 bytů] ##########

myschel · Příspěvekod **myschel** » 10 črc 2015 23:54

po projetí MbAM mi ten log zmizel a nevím jestli je tenhle ten správný

<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="4" datetime="2015-07-10T22:33:13.673394+02:00" source="Update" type="Error" username="SYSTEM" systemname="MICHAL-MSI" code="11" last_modified_tag="facdf248-bee6-4310-a721-f8a73f6ab25c" message="Bad md5 or size: akadomains"></record>
<record severity="debug" LoggingEventType="4" datetime="2015-07-10T22:33:13.681395+02:00" source="Update" type="Error" username="SYSTEM" systemname="MICHAL-MSI" code="11" last_modified_tag="38535455-44a0-4980-9160-e3d9e53d6c7a" message="Bad md5 or size: akaips"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:14.146197+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="e733895f-d2db-4edf-a8ec-ebf4e9fb0028" fromVersion="0.0.0.0" name="IP Database" toVersion="2015.6.12.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:14.163797+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="fc3a81e3-0615-4377-9713-e8c5a20976e1" fromVersion="0.0.0.0" name="Domain Database" toVersion="2015.6.12.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:14.194997+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="5bf9f8db-5a08-4348-94f3-369494ba1ba6" fromVersion="2015.5.13.1" name="Remediation Database" toVersion="2015.7.1.2"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:14.210597+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="e2ae181f-dd81-4a52-837f-ffd8bd2dfdac" fromVersion="2015.6.2.1" name="Rootkit Database" toVersion="2015.7.10.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:15.646800+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="877de8e8-6620-48cf-8117-691e5d65185b" fromVersion="0.0.0.0" name="AKA IP Database" toVersion="2015.7.9.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:16.005601+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="91434df6-473a-44cd-bb32-34fdbfe64000" fromVersion="0.0.0.0" name="AKA Domain Database" toVersion="2015.7.9.2"></record>
<record severity="debug" LoggingEventType="1" datetime="2015-07-10T22:33:32.771035+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="204683ce-743e-4100-a834-3bfc7a8c5372" fromVersion="2015.6.3.3" name="Malware Database" toVersion="2015.7.10.6"></record>
<record severity="debug" LoggingEventType="4" datetime="2015-07-10T23:14:07.252071+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHAL-MSI" code="13" last_modified_tag="0f20e582-7f3a-401c-a9a8-cf9c4810a172" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2015-07-10T23:14:07.312071+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="464ffd84-c02c-4904-b33b-276452a62dd8" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2015-07-10T23:14:07.312071+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="259144d1-10cb-474c-af0e-2bf69372606a" result="Stopped" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="6" datetime="2015-07-10T23:30:07.299449+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="MICHAL-MSI" duration="723" last_modified_tag="38a6561b-a7ff-4f2d-882a-5cf0485a5775" malwaredetections="3" nonmalwaredetections="44" scanresult="completed" scantype="threat" starttime="2015-07-10T23:16:54+02:00"></record>
<record severity="debug" LoggingEventType="4" datetime="2015-07-10T23:32:52.689249+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHAL-MSI" code="13" last_modified_tag="9188f1ff-ccc8-4304-9d2c-a2fb3d0ed3bd" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2015-07-10T23:32:52.704849+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="2812ccf7-be4f-44c0-9495-593efd812fe3" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2015-07-10T23:32:52.720449+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHAL-MSI" last_modified_tag="14fbc26c-2d0e-4afb-a01e-14bb80f536a3" result="Stopped" subtype="Malware Protection"></record>
</logs>

Dále:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.1 (07.10.2015:2)
OS: Windows 7 Home Premium x64
Ran by Michal on p 10.07.2015 at 23:45:44,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\Users\Michal\AppData\Roaming\appdataFr25.bin
Successfully deleted: [File] C:\Users\Michal\appdata\local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
Successfully deleted: [File] C:\Users\Michal\appdata\local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\13003662366037233530

~~~ Chrome

[C:\Users\Michal\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Michal\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Michal\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Michal\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 10.07.2015 at 23:47:59,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

myschel · Příspěvekod **myschel** » 11 črc 2015 00:08

RogueKiller V10.9.1.0 (x64) [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Michal [Administrator]
Started from : C:\Users\Michal\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 07/11/2015 00:06:19

¤¤¤ Processes : 1 ¤¤¤
[Proc.RunPE] hasplms.exe(2396) -- C:\Windows\System32\hasplms.exe[7] -> Killed [TermProc]

¤¤¤ Registry : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{96CC36E2-1AE5-400F-B1F7-F1599E555903} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{96CC36E2-1AE5-400F-B1F7-F1599E555903} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{96CC36E2-1AE5-400F-B1F7-F1599E555903} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\MatchFinder.job -- c:\programdata\{20f26719-39f3-b413-20f2-2671939f9c64}\4485794576891959512b.exe (--startup=1 --single) -> Found
[Suspicious.Path] \MatchFinder -- c:\programdata\{20f26719-39f3-b413-20f2-2671939f9c64}\4485794576891959512b.exe (--startup=1 --single) -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 7 (Driver: Loaded) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_CREATE[0] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_CLOSE[2] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_POWER[22] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_PNP[27] : C:\windows\System32\Drivers\dump_iaStor.sys @ 0x418e511600000000

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BPKT-22PK4T0 +++++
--- User ---
[MBR] 449fa81b2f95183927e7595d472f3fc5
[BSP] c913293601aa4b10924dbef29cb10d48 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13008 MB
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 26642432 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 26847232 | Size: 278298 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 596801536 | Size: 185532 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Jak dále prosím postupovat?

Příspěvekod **jerabina** » 11 črc 2015 00:18

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Udělej nový sken MBAM, pokud tam něco bude, tak to dej do karantény/vymaž to a log sem dej.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

myschel · Příspěvekod **myschel** » 11 črc 2015 09:51

RogueKiller V10.9.1.0 (x64) [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Michal [Administrator]
Started from : C:\Users\Michal\Desktop\RogueKillerX64.exe
Mode : Delete -- Date : 07/11/2015 09:48:37

¤¤¤ Processes : 2 ¤¤¤
[Proc.RunPE] hasplms.exe(2552) -- C:\Windows\System32\hasplms.exe[7] -> Killed [TermProc]
[VT.Unknown] Mysterious Essay.exe(3396) -- C:\Program Files (x86)\Mysterious Essay\Mysterious Essay.exe[-] -> Killed [TermProc]

¤¤¤ Registry : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{96CC36E2-1AE5-400F-B1F7-F1599E555903} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{96CC36E2-1AE5-400F-B1F7-F1599E555903} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{96CC36E2-1AE5-400F-B1F7-F1599E555903} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Replaced ()
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Replaced (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Replaced (2)

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\MatchFinder.job -- c:\programdata\{20f26719-39f3-b413-20f2-2671939f9c64}\4485794576891959512b.exe (--startup=1 --single) -> Deleted
[Suspicious.Path] \MatchFinder -- c:\programdata\{20f26719-39f3-b413-20f2-2671939f9c64}\4485794576891959512b.exe (--startup=1 --single) -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 7 (Driver: Loaded) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_POWER[22] : Unknown @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418e511600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iaStor.sys - IRP_MJ_PNP[27] : Unknown @ 0x418e511600000000

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BPKT-22PK4T0 +++++
--- User ---
[MBR] 449fa81b2f95183927e7595d472f3fc5
[BSP] c913293601aa4b10924dbef29cb10d48 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13008 MB
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 26642432 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 26847232 | Size: 278298 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 596801536 | Size: 185532 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

myschel · Příspěvekod **myschel** » 11 črc 2015 10:12

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Michal on so 11.07.2015 at 9:55:01,16.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michal\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11.7.2015 9:57:04 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\62f94372-7f00-42e5-8692-0cafe9b09f0e deleted successfully
C:\PROGRA~2\84cab385-2fb9-4941-927a-e8f48ed14c0b deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Pink My deleted successfully
C:\PROGRA~2\Replies and more for deleted successfully
C:\PROGRA~3\DassaultSystemes deleted successfully
C:\PROGRA~3\Simpoe deleted successfully
C:\Users\Michal\AppData\Roaming\DassaultSystemes deleted successfully
C:\Users\Michal\AppData\Roaming\Opera Software deleted successfully
C:\Users\Michal\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Michal\AppData\Local\EmieSiteList deleted successfully
C:\Users\Michal\AppData\Local\EmieUserList deleted successfully
C:\Users\Michal\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\62f94372-7f00-42e5-8692-0cafe9b09f0e not found
C:\PROGRA~2\84cab385-2fb9-4941-927a-e8f48ed14c0b not found
C:\PROGRA~2\Pink My not found
C:\PROGRA~2\Replies and more for not found
C:\PROGRA~2\Cite This For Me Web Citer deleted
C:\PROGRA~2\Invite All deleted
C:\PROGRA~2\Mysterious Essay deleted
C:\PROGRA~2\No Scroll Bars Please deleted
C:\Users\Michal\Downloads\ReimageRepair.exe deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.132

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iphahelpmejkbidhiecfeicblienleon - No path found[]

==== Chromium Startpages ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
43":{"supports_spdy":true},"translate.googleapis.com:443":{"supports_spdy":true},"video-cdg2-1.xx.fbcdn.net:443":{"supports_spdy":true},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:443":{"network_stats":{"srtt":150444},"supports_spdy":true},"www.google.com:443":{"network_stats":{"srtt":141593},"supports_spdy":true},"www.google.cz:443":{"network_stats":{"srtt":138428},"supports_spdy":true},"www.googleadservices.com:443":{"supports_spdy":true},"www.googleapis.com:443":{"network_stats":{"srtt":152746},"supports_spdy":true},"www.googletagmanager.com:443":{"supports_spdy":true},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":174800},"supports_spdy":true},"www.gstatic.com:443":{"supports_spdy":true},"www.youtube-nocookie.com:443":{"supports_spdy":true},"www.youtube.com:443":{"supports_spdy":true}},"supports_quic":{"address":"::ffff:2a00:1028","used_quic":true},"version":3}},"ntp":{"most_visited_blacklist":{"7f35d83929d562f82771527e441904d4":null}},"partition":{"default_zoom_level":{"14695981038468906945":1.2239010857415438,"2166136261":1.2239010857415438},"per_host_zoom_levels":{"14695981038468906945":{},"2166136261":{}}},"password_bubble":{"nopes":0},"pinned_tabs":[],"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"prefs":{"preference_reset_time":"13081014016747977"},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"fullscreen":1}},"pref_version":1},"created_by_version":"43.0.2357.132","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Osoba 1","per_host_zoom_levels":{}},"protection":{"macs":{"browser":{"show_home_button":"0F500184D01E4147A98668D796CCEB6D9110C5D34119C07B73B1E09E14B5DD74"},"default_search_provider":{"keyword":"5F7C4DC4615208EED4F16F6FEE776805EC8233AC103B6C5F06DE12D2EF35D5F1","name":"82F99D692748C38BCE316E7370C7F67F3796DC53BFFF538AD2FD0B76BCF2D0CA","search_url":"C0F93AE4B74F99BDFA5B95028C1589AB88958896BB7DF40AC0630D4E37B112A6"},"default_search_provider_data":{"template_url_data":"C623A51699539984BBFC7BD2E3CEFE0E05F8F9F6FCA9C98AD0A89F3643656404"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"CDA4A3B7628E6C5EE8790006BD8EA745C94AE4AC404CE44AB30178243019087E","bepbmhgboaologfdajaanbcjmnhjmhfn":"AD23FDC809CEE8EB9EC17B2ED19704D9EBF146EE04827950674221725840C431","blpcfgokakmgnkcojhhkbfbldkacnbeo":"37E194408AEE590911B913FC141A120BFB39F471FF5E15879D6697F4B7BAE296","coobgpohoikkiipiblmjeljniedjpjpf":"19A11E5137649B5E7A6D73438257998330D5620DBFC7C2FCA9CFA335458A904F","eemcgdkfndhakfknompkggombfjjjeno":"3897FB3CC3958947420C62528A383036A3ACC41DCE83648C308A287D53DD2CEA","ennkphjdgehloodpbhlhldgbnhmacadg":"9231FA14B82778D049F09BFD96CF95CEC59B62051317EBBEFEE46DE06074EAC1","gfdkimpbcpahaombhbimeihdjnejgicl":"717B6991EB94F3D19E2D285EF17179151553DAA3EDC0D5233D64232E49FE737B","iphahelpmejkbidhiecfeicblienleon":"051F5FEDE6348830C268F391EA2E409A77120F6F110DAC35F18CA99B50FB4972","kmendfapggjehodndflmmgagdbamhnfd":"3D3123AFBBC9B2FB7E88005D1C98872E9D902BFB52AEBA2F2EA54D327D66D922","lojpenhmoajbiciapkjkiekmobleogjc":"9D6F01EC8BA2B04FAE3390D5FD18514668FE542271E25B5B798AE3D8AC656E2D","mfehgcgbbipciphmccgaenjidiccnmng":"F194EA4CED4186F5652D53BB565A012492B0C8F1FFCAF1EEC86777DD1654DE3B","mgndgikekgjfcpckkfioiadnlibdjbkf":"A7F225582EEEF75115E1F805CF86FE7A7C343BA15E5A3201521D31B2931ECAF5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"B95B1E4CA5BC4739CF63F9156997E80FA027F80C66179A0FD4D23376A587B381","neajdppkdcdipfabeoofebfddakdcjhd":"47AA13601150A3AC29B3A24A73131BF100774C6A8746613989331A20A3466BA0","nkeimhogjdpnpccoofpliimaahmaaome":"7127F3C571B5B277C7CD521198F0BBA7789C2A7C74E27623B63383767128F02E","nmmhkkegccagdldgiimedpiccmgmieda":"2E622BEBF55BFAD5EC394E24F5986AA2E52EDAC8E1F39BBEAC8BB74AC2D9BCCD","nnnmhgkokpalnmbeighfomegjfkklkle":"0547F1E63C94626767F5A95467060697E22AB57878CA0EBFBD5BC76C64941D09","ogminpmldncgcmokldnmmapddoccmhfl":"9E70709B81B2A8485BEFBF7C8AC0DC0B2EE40A33B28CC1AADF3D32610F271B07","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"01C24E7730B30B86651A179A0CDC21C838FE1FD42968B9644ECF4AF0AF9ED89B","pjkljhegncpnkpknbcohdijeoejaedia":"9242256817842CF003FEF1D5A38EFB83CF2D5D2D20580DB465651D5E230FFA09","pphahblhaakmimnmhlpckngfpkijfdll":"4D66A3E086674A8B801B10701E4948A5AD2CCCD9B97866DA353FFCC0EFA3B430"}},"google":{"services":{"last_username":"E1B383D268F7F601F611A8BF551634D7A78FCDC5035957DADF244440D89CB7A8","username":"D5C795B5ABBDD1629A080FD03F4DE486E76F47E0544CE064DEA3BBA6F2CC2912"}},"homepage":"0A0DA0ACFA5AD83FC2F95B94CFF30AC02E20E18A649F15B1A31D3E5D471CF5D5","homepage_is_newtabpage":"2A0A54742284B0F279F6BDBFBC0189A0FB4786C7F4F6678661EF64EE1E869376","pinned_tabs":"4F326530451A85ED291887C0C23F480A9F9CAB5C01C36C37834DB0179BCA85B0","prefs":{"preference_reset_time":"7E458DDB753868C6F4C425AAAEFCEDC6010723F677BD18D00F1F1A6330B350D6"},"profile":{"reset_prompt_memento":"5E81808F69FACC57ABE085058BB40196D07488C9D01FFC3FC140A411E76BEDEE"},"safebrowsing":{"incidents_sent":"8481CC1CAB395556222359FBDF8283EABF1F79EDB1DAD038478EEABED450A2A3"},"search_provider_overrides":"34A25C096F9B002C01166A6C492FC5BCD68232B4C752ACADC87487077DF52E59","session":{"restore_on_startup":"B0489EF385040720CB9AF8478D6B7020B9CFB1861DCD017EFD9E83C52458DA21","startup_urls":"9C9A176FD92427EA65011D803CC103C119C350CC058974C293552793BCB89871"},"software_reporter":{"prompt_reason":"D1A26A7F76CE684397AB677E8B684E43D91DA188450EECCDD7F4DD76BC9A09F1","prompt_seed":"639561EB2D8F0F0B08AC56AB605591FCF147A38C776631CAB5BC2AA7FEF502D8","prompt_version":"DE51E1B7328CE2A826037E028CFF94151F6441530F60EBC6E753705174BFAAF0"},"sync":{"remaining_rollback_tries":"6424B67E3E26C365A374DB6E9153E789C52ECD61974679F7CFF77A6CA5589ADF"}}},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13080937695335910"},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["cs"],"translate_denied_count":{"en":1},"translate_last_denied_time":1436464375894.9336,"translate_too_often_denied":true,"translate_whitelists":{}}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"First Home Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3903136994-2275215349-783814558-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E3E8E998-43FB-420E-8E6E-7A2DD2F4072C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=10 folders=7 8800786 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michal\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Michal\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 11.07.2015 at 10:10:10,85 ======================

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online