prosím o kontrolu

[alexandra]

Zdravím,

prosím o kontrolu, vyskakují mi reklamní okna.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:36, on 24.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\jitka\Desktop\ČIŠTĚNÍ\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\jitka\AppData\LocalLow\BS_Player\prxtbBS_2.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [ccleaner] "F:\Udrzba PC\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1441B8F3-6A69-40C8-B2D3-23898F8201FB}: NameServer = 199.203.131.150,82.163.143.168
O17 - HKLM\System\CCS\Services\Tcpip\..\{43E43442-FB4B-46F1-8380-99C18D3AB6A0}: NameServer = 199.203.131.150,82.163.143.168
O17 - HKLM\System\CCS\Services\Tcpip\..\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA}: NameServer = 199.203.131.150,82.163.143.168
O17 - HKLM\System\CS1\Services\Tcpip\..\{1441B8F3-6A69-40C8-B2D3-23898F8201FB}: NameServer = 199.203.131.150,82.163.143.168
O17 - HKLM\System\CS2\Services\Tcpip\..\{1441B8F3-6A69-40C8-B2D3-23898F8201FB}: NameServer = 199.203.131.150,82.163.143.168
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14021 bytes

[Reklama]

[jerabina]

Ahoj, vítej na fóru PC-HELP!

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[alexandra]

# AdwCleaner v5.014 - Logfile created 24/10/2015 at 19:32:41
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : jitka - HP1
# Running from : C:\Users\jitka\Desktop\ČIŠTĚNÍ\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : BackupStack

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\BS_Player
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Delta
Folder Found : C:\Program Files (x86)\goforfiles
Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\Program Files (x86)\relaydouble
Folder Found : C:\Program Files (x86)\bestadblocker
Folder Found : C:\Program Files (x86)\DNS Unlocker
Folder Found : C:\Program Files (x86)\5e0CoUUponS
Folder Found : C:\Program Files (x86)\bestadblocker
Folder Found : C:\Program Files (x86)\CheoApoMMe
Folder Found : C:\Program Files (x86)\DiGioCouppon
Folder Found : C:\Program Files (x86)\DisCCountExteNsi
Folder Found : C:\Program Files (x86)\DiscoUntEExateNsoi
Folder Found : C:\Program Files (x86)\DiscountExteNsii
Folder Found : C:\Program Files (x86)\ExSStraCCoupon
Folder Found : C:\Program Files (x86)\Fun2Savie
Folder Found : C:\Program Files (x86)\RelayDouble
Folder Found : C:\Program Files (x86)\RigghtiOfferApp
Folder Found : C:\Program Files (x86)\SalePlues
Folder Found : C:\Program Files (x86)\SAlePlus
Folder Found : C:\Program Files (x86)\TakeTTheCOupoN
Folder Found : C:\Program Files (x86)\Live Earnings Checker for Google AdSense
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\15944350588056971413
Folder Found : C:\ProgramData\{57c6e685-3b32-e94a-57c6-6e6853b39a14}
Folder Found : C:\ProgramData\{60aca1b6-d919-7ffe-60ac-ca1b6d9186db}
Folder Found : C:\ProgramData\{7b1ce164-f9af-21a8-7b1c-ce164f9a8593}
Folder Found : C:\ProgramData\{b2fc7454-a06e-32eb-b2fc-c7454a06d152}
Folder Found : C:\ProgramData\{eae36eda-ad6f-070a-eae3-36edaad6bb6a}
Folder Found : C:\ProgramData\{f7af6b64-b6e4-322c-f7af-f6b64b6ead92}
Folder Found : C:\ProgramData\ialjkdkdpelcpngmjbpbdjfllbefaflp
Folder Found : C:\ProgramData\okpbdeebjijnljoeibahnmpfhphhgnhl
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\goforfiles
Folder Found : C:\Users\jitka\AppData\Local\Conduit
Folder Found : C:\Users\jitka\AppData\Local\Conduit
Folder Found : C:\Users\jitka\AppData\Local\20704
Folder Found : C:\Users\jitka\AppData\LocalLow\BS_Player
Folder Found : C:\Users\jitka\AppData\LocalLow\Conduit
Folder Found : C:\Users\jitka\AppData\LocalLow\Conduit
Folder Found : C:\Users\jitka\AppData\Roaming\Babylon
Folder Found : C:\Users\jitka\AppData\Roaming\goforfiles

***** [ Files ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
File Found : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
File Found : C:\Users\Public\Desktop\GoforFiles.lnk
File Found : C:\Windows\SysWOW64\installd.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : AmiUpdXp
Task Found : GoforFilesUpdate
Task Found : LaunchSignup
Task Found : Superclean

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\d
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Found : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
Key Found : HKLM\SOFTWARE\99c390a7-69b7-2fd3-35ac-1653509dc210
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{abc71024}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
Key Found : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKCU\Software\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{25031B41-99A4-47AA-A8EB-C0CD3F99717D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{598DCD74-3F5B-4E16-8749-057F426F232A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{995AEC82-0E5F-419A-864E-4E50012D0863}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CBD6173B-4061-4104-BF2F-C8E81389DB27}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Tbccint_HKLM
Key Found : HKCU\Software\Super Optimizer
Key Found : HKCU\Software\WEBAPP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Delta
Key Found : HKLM\SOFTWARE\GoforFiles
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Delta
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Tbccint_HKLM
Key Found : [x64] HKCU\Software\Super Optimizer
Key Found : [x64] HKCU\Software\WEBAPP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Toolbar
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\Conduit
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\BackgroundContainerV2
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\Conduit
Key Found : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DCAA8D54-CEB9-4000-89FE-BC045A96E67E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DCAA8D54-CEB9-4000-89FE-BC045A96E67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DCAA8D54-CEB9-4000-89FE-BC045A96E67E}
Data Found : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1441B8F3-6A69-40C8-B2D3-23898F8201FB} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{43E43442-FB4B-46F1-8380-99C18D3AB6A0} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1441B8F3-6A69-40C8-B2D3-23898F8201FB} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{43E43442-FB4B-46F1-8380-99C18D3AB6A0} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{1441B8F3-6A69-40C8-B2D3-23898F8201FB} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{43E43442-FB4B-46F1-8380-99C18D3AB6A0} [NameServer] - 199.203.131.150,82.163.143.168
Data Found : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA} [NameServer] - 199.203.131.150,82.163.143.168

***** [ Web browsers ] *****

[C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ialjkdkdpelcpngmjbpbdjfllbefaflp
[C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ogminpmldncgcmokldnmmapddoccmhfl

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [22066 bytes] ##########

[alexandra]

Log z Malwarebytes' Anti-Malware přikládám ve wordu

3.docx

(43.16 KiB) Staženo 12 x

[jerabina]

Pro příště pokud je log veliký, tak ho prosím rozděl na více částí.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[alexandra]

# AdwCleaner v5.014 - Logfile created 24/10/2015 at 22:34:39
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : jitka - HP1
# Running from : C:\Users\jitka\Desktop\ČIŠTĚNÍ\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : BackupStack

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\BS_Player
[-] Folder Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\Program Files (x86)\Delta
[-] Folder Deleted : C:\Program Files (x86)\goforfiles
[-] Folder Deleted : C:\Program Files (x86)\MyPC Backup
[-] Folder Deleted : C:\Program Files (x86)\relaydouble
[-] Folder Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[-] Folder Deleted : C:\Program Files (x86)\5e0CoUUponS
[!] Folder Not Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\CheoApoMMe
[-] Folder Deleted : C:\Program Files (x86)\DiGioCouppon
[-] Folder Deleted : C:\Program Files (x86)\DisCCountExteNsi
[-] Folder Deleted : C:\Program Files (x86)\DiscoUntEExateNsoi
[-] Folder Deleted : C:\Program Files (x86)\DiscountExteNsii
[-] Folder Deleted : C:\Program Files (x86)\ExSStraCCoupon
[-] Folder Deleted : C:\Program Files (x86)\Fun2Savie
[!] Folder Not Deleted : C:\Program Files (x86)\RelayDouble
[-] Folder Deleted : C:\Program Files (x86)\RigghtiOfferApp
[-] Folder Deleted : C:\Program Files (x86)\SalePlues
[-] Folder Deleted : C:\Program Files (x86)\SAlePlus
[-] Folder Deleted : C:\Program Files (x86)\TakeTTheCOupoN
[-] Folder Deleted : C:\Program Files (x86)\Live Earnings Checker for Google AdSense
[!] Folder Not Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\ProgramData\15944350588056971413
[-] Folder Deleted : C:\ProgramData\{57c6e685-3b32-e94a-57c6-6e6853b39a14}
[-] Folder Deleted : C:\ProgramData\{60aca1b6-d919-7ffe-60ac-ca1b6d9186db}
[-] Folder Deleted : C:\ProgramData\{7b1ce164-f9af-21a8-7b1c-ce164f9a8593}
[-] Folder Deleted : C:\ProgramData\{b2fc7454-a06e-32eb-b2fc-c7454a06d152}
[-] Folder Deleted : C:\ProgramData\{eae36eda-ad6f-070a-eae3-36edaad6bb6a}
[-] Folder Deleted : C:\ProgramData\{f7af6b64-b6e4-322c-f7af-f6b64b6ead92}
[-] Folder Deleted : C:\ProgramData\ialjkdkdpelcpngmjbpbdjfllbefaflp
[-] Folder Deleted : C:\ProgramData\okpbdeebjijnljoeibahnmpfhphhgnhl
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\goforfiles
[-] Folder Deleted : C:\Users\jitka\AppData\Local\Conduit
[!] Folder Not Deleted : C:\Users\jitka\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\jitka\AppData\Local\20704
[-] Folder Deleted : C:\Users\jitka\AppData\LocalLow\BS_Player
[-] Folder Deleted : C:\Users\jitka\AppData\LocalLow\Conduit
[!] Folder Not Deleted : C:\Users\jitka\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\jitka\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\jitka\AppData\Roaming\goforfiles

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Public\Desktop\GoforFiles.lnk
[-] File Deleted : C:\Windows\SysWOW64\installd.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : AmiUpdXp
[-] Task Deleted : GoforFilesUpdate
[-] Task Deleted : LaunchSignup
[-] Task Deleted : Superclean

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\d
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\99c390a7-69b7-2fd3-35ac-1653509dc210
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{abc71024}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{25031B41-99A4-47AA-A8EB-C0CD3F99717D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{598DCD74-3F5B-4E16-8749-057F426F232A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{995AEC82-0E5F-419A-864E-4E50012D0863}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBD6173B-4061-4104-BF2F-C8E81389DB27}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Delta
[-] Key Deleted : HKCU\Software\GoforFiles
[-] Key Deleted : HKCU\Software\InstallCore
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[-] Key Deleted : HKCU\Software\Super Optimizer
[-] Key Deleted : HKCU\Software\WEBAPP
[!] Key Not Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[!] Key Not Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Delta
[-] Key Deleted : HKLM\SOFTWARE\GoforFiles
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Key Not Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Delta
[!] Key Not Deleted : [x64] HKCU\Software\GoforFiles
[!] Key Not Deleted : [x64] HKCU\Software\InstallCore
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint_HKLM
[!] Key Not Deleted : [x64] HKCU\Software\Super Optimizer
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Toolbar
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\BackgroundContainer
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\ConduitSearchScopes
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\BackgroundContainerV2
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DCAA8D54-CEB9-4000-89FE-BC045A96E67E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DCAA8D54-CEB9-4000-89FE-BC045A96E67E}
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Key Not Deleted : HKU\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DCAA8D54-CEB9-4000-89FE-BC045A96E67E}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1441B8F3-6A69-40C8-B2D3-23898F8201FB} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{43E43442-FB4B-46F1-8380-99C18D3AB6A0} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1441B8F3-6A69-40C8-B2D3-23898F8201FB} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{43E43442-FB4B-46F1-8380-99C18D3AB6A0} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{1441B8F3-6A69-40C8-B2D3-23898F8201FB} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{43E43442-FB4B-46F1-8380-99C18D3AB6A0} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{C21EAFCE-C14B-4B1E-A3A2-CB97FB525FFA} [NameServer]

***** [ Web browsers ] *****

[-] [C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ialjkdkdpelcpngmjbpbdjfllbefaflp
[-] [C:\Users\jitka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ogminpmldncgcmokldnmmapddoccmhfl

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23576 bytes] ##########

[alexandra]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.10.2015
Čas skenování: 22:40
Protokol: 12.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.24.05
Databáze rootkitů: v2015.10.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: jitka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 331082
Uplynulý čas: 22 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 23
PUP.Optional.CloudScout, HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b, Do karantény, [8a3bb8a24c3fa690fa13771e60a3c937],
PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSMOHAWK, Smazat při restartu, [953046141477d6603aec51f654af7987],
PUM.Optional.DisallowRun.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Do karantény, [03c20b4fd1ba7bbb3cc84d676c9709f7],
PUP.Optional.BSPlayer, HKLM\SOFTWARE\WOW6432NODE\BS_Player, Do karantény, [01c4ee6ca6e5f541ad2169e68c777987],
PUP.Optional.MediaBuzz, HKLM\SOFTWARE\WOW6432NODE\MediaBuzzV1, Do karantény, [ac192d2d0d7ec67067510565b94a669a],
PUP.Optional.MediaBuzz, HKLM\SOFTWARE\WOW6432NODE\MediaBuzzV1mode2962, Do karantény, [23a2b8a2008bf442793f462423e027d9],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1, Do karantény, [cbfabc9ebecd6dc9462a95d6ed160000],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home4801, Do karantény, [8045e17922693cfa3738caa1ed169d63],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home8942, Do karantény, [4580540686053afcf57a57148d76748c],
PUP.Optional.RichMediaView, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release4240, Do karantény, [4b7a9dbd276437ff1a9c3048ea19fb05],
PUP.Optional.TrustMediaViewer, HKLM\SOFTWARE\WOW6432NODE\TrustMediaViewerV1, Do karantény, [6065c09a2665fc3a0bc5fb8a649faf51],
PUP.Optional.TrustMediaViewer, HKLM\SOFTWARE\WOW6432NODE\TrustMediaViewerV1alpha780, Do karantény, [8c39f961abe081b5cb054045a85b639d],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, Do karantény, [854007531873350141db92f78d760cf4],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\FDDIFFKEBBACNMBOPIHFLAECFHLGNNKL, Do karantény, [9d286ded26653df95d11f378f31027d9],
PUP.Optional.TrustMediaViewer, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\JAACINLEKKABHOFMJJAMBNKKCBGGGDLL, Do karantény, [dde89bbfa6e51e1813bb7a0b31d24fb1],
PUP.Optional.MediaBuzz, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LJDFAOIFCDILHGNCEIBBHIFNDPIDBFPB, Do karantény, [dfe6f565c9c28babddda432755aedf21],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PKHFCKOFCIPGDDABPFCCDIBNHMCGDBDE, Do karantény, [8f36fe5ce2a99a9c333b313a1de6c33d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38CB4998-354F-405A-A186-F430E8DF0392}, Do karantény, [30950f4b7b1065d1c4e43c178c7746ba],
PUM.Optional.DisallowRun.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Do karantény, [1fa6fb5f5734df570df7387c05fe57a9],
PUP.Optional.BSPlayer, HKU\S-1-5-21-888114060-166399040-2814120476-1000\SOFTWARE\BS_Player, Do karantény, [3c8931291a7172c4438a5ff0818219e7],
PUP.Optional.BSPlayer, HKU\S-1-5-21-888114060-166399040-2814120476-1000\SOFTWARE\APPDATALOW\SOFTWARE\BS_Player, Do karantény, [9f2639213853a3937359aca37c8733cd],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-888114060-166399040-2814120476-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38CB4998-354F-405A-A186-F430E8DF0392}, Do karantény, [cafb2139147738fef7b08fc49e65738d],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-888114060-166399040-2814120476-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7195ABFB-0B8F-42A3-8E5C-202D1BDCC9D5}, Do karantény, [f6cfbe9c5833aa8c0c9b03507d86ee12],

Hodnoty registru: 14
PUM.Optional.DisallowRun.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Do karantény, [03c20b4fd1ba7bbb3cc84d676c9709f7]
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fddiffkebbacnmbopihflaecfhlgnnkl|path, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home4801\ch\MediaWatchV1home4801.crx, Do karantény, [9d286ded26653df95d11f378f31027d9]
PUP.Optional.TrustMediaViewer, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jaacinlekkabhofmjjambnkkcbgggdll|path, C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha780\ch\TrustMediaViewerV1alpha780.crx, Do karantény, [dde89bbfa6e51e1813bb7a0b31d24fb1]
PUP.Optional.MediaBuzz, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ljdfaoifcdilhgnceibbhifndpidbfpb|path, C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode2962\ch\MediaBuzzV1mode2962.crx, Do karantény, [dfe6f565c9c28babddda432755aedf21]
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pkhfckofcipgddabpfccdibnhmcgdbde|path, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8942\ch\MediaWatchV1home8942.crx, Do karantény, [8f36fe5ce2a99a9c333b313a1de6c33d]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38CB4998-354F-405A-A186-F430E8DF0392}|AppPath, C:\Users\jitka\AppData\Local\Conduit\CT1750559, Do karantény, [30950f4b7b1065d1c4e43c178c7746ba]
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home8942.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8942\ff, Do karantény, [1ea774e623683ff73a375714e51e39c7]
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home4801.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home4801\ff, Do karantény, [4c7964f612794fe73e3389e235ced62a]
PUP.Optional.MediaBuzz, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode2962.net, C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode2962\ff, Do karantény, [cff6c397d7b4a29411a8b9b1b350ef11]
PUP.Optional.RichMediaView, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release4240.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release4240\ff, Do karantény, [8f3676e433586dc9f8bd7503f21107f9]
PUP.Optional.TrustMediaViewer, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@TrustMediaViewerV1alpha780.net, C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha780\ff, Do karantény, [2b9ab9a14e3d89adb7182d589d668977]
PUM.Optional.DisallowRun.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Do karantény, [1fa6fb5f5734df570df7387c05fe57a9]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-888114060-166399040-2814120476-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38CB4998-354F-405A-A186-F430E8DF0392}|AppPath, C:\Users\jitka\AppData\Local\Conduit\CT1750559, Do karantény, [cafb2139147738fef7b08fc49e65738d]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-888114060-166399040-2814120476-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7195ABFB-0B8F-42A3-8E5C-202D1BDCC9D5}|AppPath, C:\Users\jitka\AppData\Local\Conduit\CT1750559, Do karantény, [f6cfbe9c5833aa8c0c9b03507d86ee12]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 4
PUP.Optional.Amonetize, C:\Users\jitka\AppData\Local\7599, Do karantény, [527386d4cbc021157170531c9171b24e],
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config, Do karantény, [c7feef6bcac10d292a9f472a23e0ae52],
PUP.Optional.ScrollButton, C:\Program Files (x86)\Scroll Button, Do karantény, [279e82d84b404aec8f2478028a79cb35],
PUP.Optional.BrowserAdBlocker, C:\ProgramData\Browser AdBlocker, Do karantény, [547172e89eed12243026dd679270f907],

Soubory: 8
PUP.Optional.MultiPlug.Uns, C:\ProgramData\Browser AdBlocker\Browser AdBlocker.exe, Do karantény, [aa1b1a400586b6803d4425b033cec838],
Trojan.Ransom.Gend, C:\Users\jitka\AppData\Roaming\AltShell.dat, Do karantény, [e8ddf2683f4c0a2cd860227221df6b95],
PUP.Optional.Amonetize, C:\Users\jitka\AppData\Local\7599\a3855.exe, Do karantény, [576ea8b2117a280e4c1d1d12699728d8],
PUP.Optional.Amonetize, C:\Users\jitka\AppData\Local\7599\status.cfg, Do karantény, [527386d4cbc021157170531c9171b24e],
PUP.Optional.Amonetize, C:\Users\jitka\AppData\Local\7599\Updater.xml, Do karantény, [527386d4cbc021157170531c9171b24e],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Windows\System32\Tasks\DNSMOHAWK, Do karantény, [cdf8312991fa082e170bc384808320e0],
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\ver.xml, Do karantény, [c7feef6bcac10d292a9f472a23e0ae52],
PUP.Optional.ScrollButton, C:\Program Files (x86)\Scroll Button\Scroll Button.dat, Do karantény, [279e82d84b404aec8f2478028a79cb35],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by jitka on so 24.10.2015 at 23:08:24,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{61A49B2E-2EE1-406F-9881-E51CFE488E27}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F0D29D36-0B5B-4D4D-A5AD-271308FDE75C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{61A49B2E-2EE1-406F-9881-E51CFE488E27}



~~~ Files

Successfully deleted: [File] C:\Users\jitka\AppData\Roaming\appdataFr25.bin
Successfully deleted: [File] C:\Users\jitka\AppData\Roaming\appdataFr3.bin
Successfully deleted: [File] C:\Users\jitka\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage
Successfully deleted: [File] C:\Users\jitka\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{0D423E63-10C8-42C6-B493-CB7ABD8224A5}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{100F156E-55B5-4D39-A6C5-638D09E2E1B5}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{134BFF64-FEAD-4F95-8665-72C8BD0DA7EF}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{22577424-0ABC-45F0-9A2B-7EA8B76CC817}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{27779A2B-AFBC-4BEF-8C9D-14A597E9A5DA}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{3D387408-D32C-485E-B3CC-F238A1490AD8}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{4C4C7B9E-3885-41AF-8510-8032DB661FEF}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{558EC7B3-9E14-4AE5-84D9-72F52B42B8D9}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{69EF6248-BE9E-4048-B1EB-4B354786F47B}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{6B33A5FC-3D52-40A6-80D7-86AC642C19F8}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{7447BB8E-8DE9-4C1B-982D-8BD58FB16A8F}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{78066F43-880A-47A0-B302-BCF95B0315E2}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{81D6EC6E-9508-4175-BC4E-C7D98001D790}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{81FAF4DA-26C3-4446-BBE2-2CE9FF3C24F3}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{8B867473-0B19-46E7-9748-C21AF114DCC4}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{B436D433-E334-4D29-B895-AE7EBC7FA797}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{E72BDF2C-CD46-4B47-93D7-A9DA03389D6D}
Successfully deleted: [Empty Folder] C:\Users\jitka\Appdata\Local\{E7CAAEEE-D9C4-4783-A876-E72EF29F916C}



~~~ Chrome

Successfully deleted: [Folder] C:\Users\jitka\Appdata\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

[C:\Users\jitka\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\jitka\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\jitka\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\jitka\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
olfeabkoenfaoljndfecamgilllcpiak
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 24.10.2015 at 23:11:08,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




RogueKiller V10.11.2.0 (x64) [Oct 20 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : jitka [Práva správce]
Started from : C:\Users\jitka\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 10/24/2015 23:26:54

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPNTDF -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-888114060-166399040-2814120476-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPNTDF -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK7575GSX +++++
--- User ---
[MBR] 1eb6f35fc6433811eeb1869187b6420b
[BSP] 3dd29df1797c5f41b819c7cebbc43ff3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 696337 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1426507776 | Size: 18764 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 MB
User = LL1 ... OK
User = LL2 ... OK

[jerabina]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.