Problém s reklamama v prohlížeči

adam-novák · Příspěvekod **adam-novák** » 07 kvě 2016 17:23

Dobrý den,

mám problém s jakýmkoliv prohlížečem. Dovnímám se, že jsem někde něco stáhnul a k tomu se mi do počítače dostal nějaký typ viru.

Na jakékoliv stránce (ve všech prohlížečích) se mi ukazují reklamy a háže mě to na stránky s různýma reklamama atd. Klasické vyskakující okna.

AdBlock nezabírá a daný vir v počítači nemohu najít. Dále Chrome neustále padá a dochází ke zmražení.

Děkuji předem za pomoc.

Adam

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:16:40 PM, on 07-May-16
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Adam\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Adam\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\CPP\CppKalkulacky\CppCalcServer.exe
C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\plugin.exe
C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12\plugin.exe
C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\3\plugin.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Adam\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Innovate Direct - {4944affb-e1c2-4ffb-a3c7-e424ea82e577} - C:\Program Files (x86)\Innovate Direct\Extensions\4944affb-e1c2-4ffb-a3c7-e424ea82e577.dll (file missing)
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Adam\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [UpdateAdmin] C:\Users\Adam\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: CPP - CalcServer.lnk = C:\CPP\CppKalkulacky\CppCalcServer.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVerRECentral - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
O23 - Service: AVerUSBPortChecker - <AVerMedia> - C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - c:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: ggbugreport - Unknown owner - C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RECentralService - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service Mgr InnovateDirect - Unknown owner - C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr InnovateDirect - Unknown owner - C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Boost - Western Digital - C:\Program Files\Western Digital\WD Boost\WDBoost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12616 bytes

Reklama

Příspěvekod **jaro3** » 08 kvě 2016 09:21

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

adam-novák · Příspěvekod **adam-novák** » 08 kvě 2016 17:13

# AdwCleaner v5.115 - Log soubor vytvořen 08/05/2016 o 16:51:36
# Aktualizováno 01/05/2016 by Xplode
# Databáze : 2016-05-08.4 [Server]
# Operační systém : Windows 10 Home (X64)
# Jméno uživatele : Adam - MSI
# Spuštěno z : C:\Users\Adam\Desktop\AdwCleaner.exe
# Volba : Skenovat
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

Služba nalezeno : ggbugreport
Služba nalezeno : Service Mgr InnovateDirect
Služba nalezeno : Update Mgr InnovateDirect

***** [ Složky ] *****

Složka nalezeno : C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
Složka nalezeno : C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
Složka nalezeno : C:\ProgramData\72a94853-0927-0
Složka nalezeno : C:\ProgramData\72a94853-66a5-1
Složka nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
Složka nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
Složka nalezeno : C:\Program Files (x86)\Innovate Direct
Složka nalezeno : C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
Složka nalezeno : C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
Složka nalezeno : C:\Users\Adam\AppData\Local\UpdateAdmin
Složka nalezeno : C:\Users\Adam\AppData\Roaming\One System Care
Složka nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn
Složka nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn
Složka nalezeno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn
Složka nalezeno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn

***** [ Soubory ] *****

Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\negfgmkefggjjkocfmklkjdjebeinkhn
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\negfgmkefggjjkocfmklkjdjebeinkhn
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage-journal
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.nicesearches.com_0.localstorage
Soubor nalezeno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.nicesearches.com_0.localstorage-journal
Soubor nalezeno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
Soubor nalezeno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
Soubor nalezeno : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úkoly ] *****

Úkol nalezeno : UpdateAdmin
Úkol nalezeno : One System CarePeriod
Úkol nalezeno : One System Care Run Delay
Úkol nalezeno : One System Care Monitor
Úkol nalezeno : One System Care Task
Úkol nalezeno : WinTaske
Úkol nalezeno : Browser Updater Task(Core)

***** [ Registr ] *****

Klávesa nalezeno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Klávesa nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\AppID\{bdd1eed2-cb3a-4308-ae94-cc92cea53ac5}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\AppID\{f2111ef1-fbe5-4370-85a6-4ceee56af79a}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\CLSID\{4944affb-e1c2-4ffb-a3c7-e424ea82e577}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\Interface\{16879EC5-9228-448E-89C2-84B8A31A8E06}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\Interface\{16879EC5-9228-448E-89C2-84B8A31A8E06}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{194B8204-3EAE-47E4-8DAF-1852E7A82638}
Klávesa nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4944affb-e1c2-4ffb-a3c7-e424ea82e577}
Klávesa nalezeno : HKCU\Software\DownloadAdmin
Klávesa nalezeno : HKCU\Software\One System Care
Klávesa nalezeno : HKCU\Software\qksee
Klávesa nalezeno : HKCU\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Klávesa nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Extensions
Klávesa nalezeno : HKLM\SOFTWARE\hdcode
Klávesa nalezeno : HKLM\SOFTWARE\yessearchesSoftware
Klávesa nalezeno : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Klávesa nalezeno : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Klávesa nalezeno : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
Klávesa nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OneSystemCare
Klávesa nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Klávesa nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}
Klávesa nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Innovate Direct
Klávesa nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Innovate Direct
Klávesa nalezeno : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Klávesa nalezeno : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Klávesa nalezeno : HKU\S-1-5-21-651315805-1421114470-672391322-1002\Software\DownloadAdmin
Klávesa nalezeno : HKU\S-1-5-21-651315805-1421114470-672391322-1002\Software\One System Care
Klávesa nalezeno : HKU\S-1-5-21-651315805-1421114470-672391322-1002\Software\qksee
Klávesa nalezeno : HKU\S-1-5-21-651315805-1421114470-672391322-1002\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Klávesa nalezeno : HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Klávesa nalezeno : HKLM\SOFTWARE\Classes\Installer\Features\45B71F1875D5E58488CC6F2DD0665B0E
Klávesa nalezeno : HKLM\SOFTWARE\Classes\Installer\Products\45B71F1875D5E58488CC6F2DD0665B0E
Klávesa nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\45B71F1875D5E58488CC6F2DD0665B0E
Klávesa nalezeno : [x64] HKLM\SOFTWARE\Classes\Installer\Products\45B71F1875D5E58488CC6F2DD0665B0E
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\innovatedirect-a.akamaihd.net
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\innovatedirect-a.akamaihd.net
Klávesa nalezeno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Hodnota nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]
Hodnota nalezeno : HKU\S-1-5-21-651315805-1421114470-672391322-1002\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]

***** [ Webové prohlížeče ] *****

[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] nalezeno : aol.com
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] nalezeno : ask.com
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] nalezeno : mortal-kombat-x.en.softonic.com
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] nalezeno : yessearches
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] nalezeno : kerbal-space-program.en.softonic.com
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] nalezeno : nice
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] nalezeno : hxxp://www.nicesearches.com?type=hp&ts= ... 7e5mam1q1w
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] nalezeno : negfgmkefggjjkocfmklkjdjebeinkhn
[C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] nalezeno : negfgmkefggjjkocfmklkjdjebeinkhn

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [10565 bytes] - [08/05/2016 16:51:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10639 bytes] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 08-May-16
Čas skenování: 4:57 PM
Protokol: malw.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.08.02
Databáze rootkitů: v2016.05.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Adam

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 287873
Uplynulý čas: 10 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 12
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\updater.exe, 2416, , [c1b10cc71683d2645f032f6f0df4f709]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugincontainer.exe, 2696, , [225032a1c0d92115e77b277756ab14ec]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\10\Plugin.exe, 3592, , [6210f6dd4e4bde585b07f6a8768be11f]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\Plugin.exe, 7084, , [e0920bc8bddc989ef66cdcc27a87768a]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\Plugin.exe, 8268, , [e0920bc8bddc989ef66cdcc27a87768a]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\5\Plugin.exe, 8236, , [a8ca686b9306ab8b0c091d8046bb08f8]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12\Plugin.exe, 8384, , [86ec646f1b7e53e3d58d4c52ab56d828]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12\Plugin.exe, 8688, , [86ec646f1b7e53e3d58d4c52ab56d828]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\3\Plugin.exe, 8404, , [027029aaf0a9f343174bdfbf80816898]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\3\Plugin.exe, 8708, , [027029aaf0a9f343174bdfbf80816898]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\8\Plugin.exe, 8504, , [2e44f6ddd7c274c20959eeb0d928d729]
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\2\Plugin.exe, 8564, , [a1d15a79f3a60f2712243f5d8c7559a7]

Moduly: 1
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{548C96FF-6443-4B7A-B365-9E946FAED0C1}.dll, , [0a6820b38d0ccd69d78bf3abb9488a76],

Klíče registru: 46
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr InnovateDirect, , [c1b10cc71683d2645f032f6f0df4f709],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr InnovateDirect, , [225032a1c0d92115e77b277756ab14ec],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{bdd1eed2-cb3a-4308-ae94-cc92cea53ac5}, , [c1b123b018810135eb9d291ad52d0000],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{BDD1EED2-CB3A-4308-AE94-CC92CEA53AC5}, , [c1b123b018810135eb9d291ad52d0000],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{BDD1EED2-CB3A-4308-AE94-CC92CEA53AC5}, , [c1b123b018810135eb9d291ad52d0000],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{f2111ef1-fbe5-4370-85a6-4ceee56af79a}, , [680a9a39b7e252e48ffa0e35d03204fc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{F2111EF1-FBE5-4370-85A6-4CEEE56AF79A}, , [680a9a39b7e252e48ffa0e35d03204fc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{F2111EF1-FBE5-4370-85A6-4CEEE56AF79A}, , [680a9a39b7e252e48ffa0e35d03204fc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4944affb-e1c2-4ffb-a3c7-e424ea82e577}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{194b8204-3eae-47e4-8daf-1852e7a82638}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{16879EC5-9228-448E-89C2-84B8A31A8E06}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{16879EC5-9228-448E-89C2-84B8A31A8E06}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{16879EC5-9228-448E-89C2-84B8A31A8E06}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{194b8204-3eae-47e4-8daf-1852e7a82638}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{194b8204-3eae-47e4-8daf-1852e7a82638}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4944AFFB-E1C2-4FFB-A3C7-E424EA82E577}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4944AFFB-E1C2-4FFB-A3C7-E424EA82E577}, , [de94ac27168344f22c5afa499d65b34d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, , [2d45745f0c8d54e21133e85c010106fa],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, , [2d45745f0c8d54e21133e85c010106fa],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [e48e7162554472c44503aa9a7f83c33d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [e48e7162554472c44503aa9a7f83c33d],
PUP.Optional.YesSearches, HKU\S-1-5-18\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, , [3f33369dcbce33039fc7cd76d72b32ce],
PUP.Optional.YesSearches, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, , [86ecf6dd7b1ebd794a1c45fe976bbe42],
PUP.Optional.YesSearches, HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, , [363c557e00994ee8d98d3d06c141ac54],
PUP.Optional.WinTaske, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3497495C-85C5-4AC9-914A-5876C34EB2A4}, , [fc763a990a8fe84e288f09b891720bf5],
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4A1AF877-BA54-48A0-8B14-7BF33A7FBB8C}, , [076b765dabee4fe74c548c34e81b37c9],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5B49AE42-FED8-4DF7-AF9F-6AEF57B9A1F3}, , [bcb68e45c2d73501e0a8fac8c43f8878],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A7BAB91B-6024-469F-84FC-97ADC09493DB}, , [aac83f946930d75f2563f5cd887bb54b],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AB037150-A1E7-401B-BE76-F338424E264D}, , [88eabf14e6b3f046b8d0af13a45f47b9],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA41527D-3594-4164-AD61-818807D86D3A}, , [c9a95c772574f2446781dfe143c01ce4],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Monitor, , [076b963d7e1b68ceebd21f5f0af9ad53],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Run Delay, , [c7ab18bbc3d6d85ee6d7b6c843c05fa1],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Task, , [9ad87d56a0f91224b409fb8345bea55b],
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System CarePeriod, , [d999c70ceeab59ddd6e7add1b1527789],
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UpdateAdmin, , [4032b41ffd9c43f368ee7e0cfa0902fe],
PUP.Optional.WinTaske, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WinTaske, , [beb4468db9e0cf670e8a4973fd06748c],
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [84ee6e654752e1554c9ea2fefa0860a0],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\InnovateDirect, , [a5cd646f910841f5f855455acd35b848],
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\yessearchesSoftware, , [670b448fa2f7c1756b3ea61145bea35d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Innovate Direct, , [007261726b2e9f9782cc2d722dd5718f],
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}, , [32409b380495e94df0670d7d7d864db3],
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [b2c0ebe857425fd78b5ffea2946ec739],
PUP.Optional.YesSearches, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GGBUGREPORT, , [bdb57261dfba0d29df67d5caed1552ae],
PUP.Optional.UpdateAdmin, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\DOWNLOADADMIN\UpdateAdmin, , [3141478c6d2c082e6ce8bad0a55e9b65],
PUP.Optional.YesSearches, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [a4ce2ba81b7e2b0b8415576512f13cc4],
PUP.Optional.OneSystemCare, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\ONE SYSTEM CARE, , [afc3478c821771c58933b6c830d313ed],

Hodnoty registru: 26
PUP.Optional.DownLoadAdmin, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|UpdateAdmin, C:\Users\Adam\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN, , [a0d25182cecbec4ac67a86d2bd47d729]
PUP.Optional.WinTaske, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3497495C-85C5-4AC9-914A-5876C34EB2A4}|Path, \WinTaske, , [fc763a990a8fe84e288f09b891720bf5]
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4A1AF877-BA54-48A0-8B14-7BF33A7FBB8C}|Path, \UpdateAdmin, , [076b765dabee4fe74c548c34e81b37c9]
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5B49AE42-FED8-4DF7-AF9F-6AEF57B9A1F3}|Path, \One System Care Monitor, , [bcb68e45c2d73501e0a8fac8c43f8878]
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A7BAB91B-6024-469F-84FC-97ADC09493DB}|Path, \One System CarePeriod, , [aac83f946930d75f2563f5cd887bb54b]
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AB037150-A1E7-401B-BE76-F338424E264D}|Path, \One System Care Task, , [88eabf14e6b3f046b8d0af13a45f47b9]
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA41527D-3594-4164-AD61-818807D86D3A}|Path, \One System Care Run Delay, , [c9a95c772574f2446781dfe143c01ce4]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, , [84ee6e654752e1554c9ea2fefa0860a0]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, , [32406d663f5a1d199a505947768ced13]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?u ... tid=dam&q={searchTerms}&ts=AHEpBn8qCHIsAE..&v=20160301&mode=ffsengext, , [beb4ebe84653dc5aba309d030bf750b0]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?u ... toolbar&q=, , [ee84a52ecccd50e6c327534d2cd6ab55]
PUP.Optional.UpdateAdmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}|Publisher, DownloadAdmin, , [32409b380495e94df0670d7d7d864db3]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, , [b2c0ebe857425fd78b5ffea2946ec739]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, , [93df29aa712882b4a74310904fb339c7]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?u ... tid=dam&q={searchTerms}&ts=AHEpBn8qCHIsAE..&v=20160301&mode=ffsengext, , [bbb706cd36634de97a706a3649b9629e]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?u ... toolbar&q=, , [f47e82517326fe38d614abf5b44e35cb]
PUP.Optional.YesSearches, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ggbugreport|ImagePath, "C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe" {154DFF63-3402-4815-941A-AAD63AE8B428}, , [bdb57261dfba0d29df67d5caed1552ae]
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr InnovateDirect|ImagePath, "C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugincontainer.exe", , [eb87fcd70594191ddd1154602ed554ac]
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr InnovateDirect|ImagePath, "C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\updater.exe", , [2151b023dcbd82b4aa45af05c0436c94]
PUP.Optional.YesSearches, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, , [a4ce2ba81b7e2b0b8415576512f13cc4]
PUP.Optional.YesSearches, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, , [1a5803d04158ea4c05947d3f47bc1be5]
PUP.Optional.YesSearches, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?u ... tid=dam&q={searchTerms}&ts=AHEpBn8qCHIsAE..&v=20160301&mode=ffsengext, , [5b177360ebae5dd93b5e8438a95a9b65]
PUP.Optional.YesSearches, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?u ... toolbar&q=, , [acc6a231e0b932046930922a19eabe42]
PUP.Optional.OneSystemCare, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\ONE SYSTEM CARE|OSID, 6.2, , [afc3478c821771c58933b6c830d313ed]
PUP.Optional.OneSystemCare, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, http://dl.softservers.net/121002110/DriverPro.exe, , [343e5c777d1cba7c3e7df38bf0138a76]
PUP.Optional.OneSystemCare, HKU\S-1-5-21-651315805-1421114470-672391322-1002\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, http://od.onesaveservers.net/291002110/OneSaveSetup.exe, , [59196c677821dc5a6e4db7c7e2219d63]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 29
PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care, , [135f5d76871279bdf5c2f28cb44fcf31],
PUP.Optional.UpdateAdmin, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin, , [e58d5b78613885b1a3adf89216ed17e9],
PUP.Optional.UpdateAdmin, C:\Windows\Installer\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}, , [93df399aefaaf046af4301af27dcfe02],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\WL, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.UpdateAdmin, C:\Users\Adam\AppData\Local\UpdateAdmin, , [50229f345247fd39db9f0e84b052946c],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugincontainer, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\10, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12\resources, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\2, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\3, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\5, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\resources, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\8, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3, , [7cf624aff2a7da5c3d759405ca3824dc],
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\updater, , [7cf624aff2a7da5c3d759405ca3824dc],
PUP.Optional.Yontoo, C:\Program Files (x86)\Innovate Direct, , [d39fdcf7712841f5c0f33d5cd62ccd33],
PUP.Optional.Yontoo, C:\Program Files (x86)\Innovate Direct\Extensions, , [d39fdcf7712841f5c0f33d5cd62ccd33],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\72a94853-0927-0, , [caa88251e8b14beb7848b2e8f70b9c64],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\72a94853-66a5-1, , [d69c3d9695040e28427e9505e41e29d7],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0, , [c2b0953e3564c571975792cb19ebbd43],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn, , [c2b0953e3564c571975792cb19ebbd43],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0, , [f67c5b782c6d77bfb6362835ae56817f],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn, , [f67c5b782c6d77bfb6362835ae56817f],

Soubory: 61
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\updater.exe, , [c1b10cc71683d2645f032f6f0df4f709],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugincontainer.exe, , [225032a1c0d92115e77b277756ab14ec],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\10\Plugin.exe, , [6210f6dd4e4bde585b07f6a8768be11f],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\Plugin.exe, , [e0920bc8bddc989ef66cdcc27a87768a],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\5\Plugin.exe, , [a8ca686b9306ab8b0c091d8046bb08f8],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12\Plugin.exe, , [86ec646f1b7e53e3d58d4c52ab56d828],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\3\Plugin.exe, , [027029aaf0a9f343174bdfbf80816898],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\8\Plugin.exe, , [2e44f6ddd7c274c20959eeb0d928d729],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\2\Plugin.exe, , [a1d15a79f3a60f2712243f5d8c7559a7],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{548C96FF-6443-4B7A-B365-9E946FAED0C1}.dll, , [0a6820b38d0ccd69d78bf3abb9488a76],
PUP.Optional.DownLoadAdmin, C:\Users\Adam\AppData\Local\UpdateAdmin\UpdateAdmin.exe, , [a0d25182cecbec4ac67a86d2bd47d729],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\12\resources\plugin.dll, , [aac822b10f8a1f17acb64a541ae7c33d],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\resources\40.0.0.dll, , [630f646fc4d564d2cc96019d9a67b14f],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\plugins\7\resources\45.0.1.dll, , [e191666d7227f6402e34386615ec39c7],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_innovatedirect-a.akamaihd.net_0.localstorage, , [beb4e3f0d8c11125ae9dfda2b052ee12],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_innovatedirect-a.akamaihd.net_0.localstorage-journal, , [91e13d9635642f07fc4ffca345bdf20e],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, , [75fda82b1d7c9a9cbfff2c78dc26956b],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, , [086a557e3564c670516dfea646bcd32d],
PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\Launch One System Care.lnk, , [135f5d76871279bdf5c2f28cb44fcf31],
PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\One System Care on the Web.url, , [135f5d76871279bdf5c2f28cb44fcf31],
PUP.Optional.OneSystemCare, C:\Windows\System32\Tasks\One System Care Monitor, , [98da6f643a5f11259b1e116d8182c33d],
PUP.Optional.OneSystemCare, C:\Windows\System32\Tasks\One System Care Run Delay, , [b8bae7eca0f9da5cbefbd5a9df24a759],
PUP.Optional.OneSystemCare, C:\Windows\System32\Tasks\One System Care Task, , [cea426ad3960340213a6d1ad0ff4ef11],
PUP.Optional.OneSystemCare, C:\Windows\System32\Tasks\One System CarePeriod, , [462c7e55afea58dea415344a0ef57b85],
PUP.Optional.OneSystemCare, C:\Windows\Tasks\One System CarePeriod.job, , [670be0f36a2fe1558832304ec73c34cc],
PUP.Optional.UpdateAdmin, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin\UpdateAdmin.lnk, , [e58d5b78613885b1a3adf89216ed17e9],
PUP.Optional.UpdateAdmin, C:\Windows\System32\Tasks\UpdateAdmin, , [d49e9043455463d3173aa5e5b54e9a66],
PUP.Optional.UpdateAdmin, C:\Windows\Installer\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}\icon.ico, , [93df399aefaaf046af4301af27dcfe02],
PUP.Optional.AdNetworkPerformance, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, , [f9792aa9d5c401359b920fa47192b34d],
PUP.Optional.AdNetworkPerformance, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, , [373bf3e0a9f0da5c032a278c9271a957],
PUP.Optional.PriceMoon, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, , [c2b05c77ff9a330364e59b1a5ea544bc],
PUP.Optional.PriceMoon, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, , [7df57d56cecbdb5bd4754372bf44af51],
PUP.Optional.OnClickAds, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage, , [40321db608914aecfa0e7149eb18b24e],
PUP.Optional.OnClickAds, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage-journal, , [fb7760739affa59108005565eb18bc44],
PUP.Optional.Amonetize.Gen, C:\ProgramData\72a94853-0927-0\BITB462.tmp, , [88ea8b48e8b116206910655aa261b54b],
PUP.Optional.Amonetize.Gen, C:\ProgramData\72a94853-66a5-1\BITB413.tmp, , [94decb08415864d27405f7c804ff26da],
PUP.Optional.NiceSearches, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage, , [eb87be151d7c16200a6d9139e12251af],
PUP.Optional.NiceSearches, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage-journal, , [4b27cf047d1cec4a4c2b44868083926e],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\CallBanner.png, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\FinishedScan.png, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Danish.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Dutch.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\English.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\French.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\German.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Italian.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Norwegian.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Parameters.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Portuguese.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Spanish.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.OneSystemCare, C:\Users\Adam\AppData\Roaming\One System Care\Languages\Swedish.xml, , [80f2a33020794bebee09b7d5b151fd03],
PUP.Optional.Yontoo, C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3\temp, , [f28024af08919a9c4c65a6f38181c53b],
PUP.Optional.Yontoo, C:\Program Files (x86)\Innovate Direct\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn.crx, , [d39fdcf7712841f5c0f33d5cd62ccd33],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\manifest.json, , [c2b0953e3564c571975792cb19ebbd43],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\background.js, , [c2b0953e3564c571975792cb19ebbd43],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\content.js, , [c2b0953e3564c571975792cb19ebbd43],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\icon.png, , [c2b0953e3564c571975792cb19ebbd43],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\manifest.json, , [f67c5b782c6d77bfb6362835ae56817f],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\background.js, , [f67c5b782c6d77bfb6362835ae56817f],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\content.js, , [f67c5b782c6d77bfb6362835ae56817f],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn\1.0.5957.35202_0\icon.png, , [f67c5b782c6d77bfb6362835ae56817f],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jaro3** » 09 kvě 2016 09:01

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

adam-novák · Příspěvekod **adam-novák** » 09 kvě 2016 18:51

# AdwCleaner v5.116 - Log soubor vytvořen 09/05/2016 o 18:09:00
# Aktualizováno 09/05/2016 by Xplode
# Databáze : 2016-05-09.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Jméno uživatele : Adam - MSI
# Spuštěno z : C:\Users\Adam\Downloads\adwcleaner_5.116.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

[-] Služba smazáno : ggbugreport
[-] Služba smazáno : Service Mgr InnovateDirect
[-] Služba smazáno : Update Mgr InnovateDirect

***** [ Složky ] *****

[-] Složka smazáno : C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
[#] Složka smazáno : C:\ProgramData\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
[-] Složka smazáno : C:\ProgramData\311157fe
[-] Složka smazáno : C:\ProgramData\72a94853-0927-0
[-] Složka smazáno : C:\ProgramData\72a94853-66a5-1
[-] Složka smazáno : C:\ProgramData\{01f8e440-112c-0}
[-] Složka smazáno : C:\ProgramData\{026bdbb6-712c-0}
[-] Složka smazáno : C:\ProgramData\{16ce5a89-212c-1}
[-] Složka smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
[-] Složka smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
[-] Složka smazáno : C:\Program Files (x86)\DNS Unlocker
[-] Složka smazáno : C:\Program Files (x86)\Innovate Direct
[-] Složka smazáno : C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
[#] Složka smazáno : C:\Program Files (x86)\Common Files\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3
[-] Složka smazáno : C:\Users\Adam\AppData\Local\UpdateAdmin
[-] Složka smazáno : C:\Users\Adam\AppData\Roaming\One System Care
[-] Složka smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn
[#] Složka smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn
[-] Složka smazáno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn
[#] Složka smazáno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\negfgmkefggjjkocfmklkjdjebeinkhn

***** [ Soubory ] *****

[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\negfgmkefggjjkocfmklkjdjebeinkhn
[#] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
[#] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\negfgmkefggjjkocfmklkjdjebeinkhn
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.nicesearches.com_0.localstorage
[-] Soubor smazáno : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.nicesearches.com_0.localstorage-journal
[-] Soubor smazáno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
[#] Soubor smazáno : C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_negfgmkefggjjkocfmklkjdjebeinkhn_0.localstorage
[-] Soubor smazáno : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úkoly ] *****

[-] Úkol smazáno : UpdateAdmin
[-] Úkol smazáno : One System CarePeriod
[-] Úkol smazáno : One System Care Run Delay
[-] Úkol smazáno : One System Care Monitor
[-] Úkol smazáno : One System Care Task
[-] Úkol smazáno : WinTaske
[-] Úkol smazáno : Browser Updater Task(Core)
[-] Úkol smazáno : DNSLOCKINGTON

***** [ Registr ] *****

[-] Klávesa smazáno : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Klávesa smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klávesa smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klávesa smazáno : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{311157fe}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{bdd1eed2-cb3a-4308-ae94-cc92cea53ac5}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{f2111ef1-fbe5-4370-85a6-4ceee56af79a}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{4944affb-e1c2-4ffb-a3c7-e424ea82e577}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{16879EC5-9228-448E-89C2-84B8A31A8E06}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{194B8204-3EAE-47E4-8DAF-1852E7A82638}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4944affb-e1c2-4ffb-a3c7-e424ea82e577}
[-] Klávesa smazáno : HKCU\Software\DownloadAdmin
[-] Klávesa smazáno : HKCU\Software\One System Care
[-] Klávesa smazáno : HKCU\Software\qksee
[-] Klávesa smazáno : HKCU\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Extensions
[-] Klávesa smazáno : HKLM\SOFTWARE\hdcode
[-] Klávesa smazáno : HKLM\SOFTWARE\yessearchesSoftware
[-] Klávesa smazáno : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klávesa smazáno : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klávesa smazáno : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OneSystemCare
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Innovate Direct
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Klávesa smazáno : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Installer\Features\45B71F1875D5E58488CC6F2DD0665B0E
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Installer\Products\45B71F1875D5E58488CC6F2DD0665B0E
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\45B71F1875D5E58488CC6F2DD0665B0E
[-] Data Obnoveno : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4e1564b0-bf62-4b48-b708-afdd163f63c6} [NameServer]
[-] Data Obnoveno : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7cd95c3b-acfe-4209-a375-f67177358477} [NameServer]
[-] Data Obnoveno : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f01fd984-0a4a-48d7-b2f6-6dd8bd153b11} [NameServer]
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\innovatedirect-a.akamaihd.net
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\innovatedirect-a.akamaihd.net
[-] Klávesa smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[-] Hodnota smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]
[#] Hodnota smazáno : HKU\S-1-5-21-651315805-1421114470-672391322-1002\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]

***** [ Webové prohlížeče ] *****

[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : aol.com
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : ask.com
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : mortal-kombat-x.en.softonic.com
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : yessearches
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : kerbal-space-program.en.softonic.com
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : nice
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] smazáno : hxxp://www.nicesearches.com?type=hp&ts= ... 7e5mam1q1w
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] smazáno : negfgmkefggjjkocfmklkjdjebeinkhn
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] smazáno : negfgmkefggjjkocfmklkjdjebeinkhn

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [12795 bytes] - [09/05/2016 18:09:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [10731 bytes] - [08/05/2016 16:51:36]
C:\AdwCleaner\AdwCleaner[S2].txt - [13414 bytes] - [09/05/2016 18:07:44]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13017 bytes] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 09-May-16
Čas skenování: 6:15 PM
Protokol: malw.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.09.03
Databáze rootkitů: v2016.05.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Adam

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 287333
Uplynulý čas: 10 min, 32 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, Do karantény, [8c4b993ae1b877bfda16e4bdd1310df3],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\InnovateDirect, Do karantény, [894e8a49524754e202512080e220768a],

Hodnoty registru: 4
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, Do karantény, [8c4b993ae1b877bfda16e4bdd1310df3]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBn8q ... =ffsengext, Do karantény, [a631696a3b5e56e0d0209a073bc7f50b]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?u ... tid=dam&q={searchTerms}&ts=AHEpBn8qCHIsAE..&v=20160301&mode=ffsengext, Do karantény, [2daa0bc85c3d8aac3db37c2554ae758b]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?u ... toolbar&q=, Do karantény, [f3e40dc6d9c048ee9b55277a3ec443bd]

Data registru: 1
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Dobré: (8.8.8.

, Špatné: (82.163.142.7 95.211.158.134),Nahrazeno,[b522c112f4a53303bf331c22e12308f8]

Složky: 1
PUP.Optional.UpdateAdmin, C:\Windows\Installer\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}, Do karantény, [9146a92a5a3f82b4b93d862bd72c3bc5],

Soubory: 17
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{2F8961C1-154A-41DC-BC5D-25E4542401F7}.dll, Do karantény, [488f973c7821d06621c38411b1508779],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{3FC9DC83-C332-4B03-BA04-CC4F87D3999F}.dll, Do karantény, [558216bdb9e053e3e9be8c12be43ab55],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{48C154E7-D87C-4E4C-920A-C514BCE89A43}.dll, Do karantény, [dff87360c8d1f640f0b7cad4bc45f20e],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{548C96FF-6443-4B7A-B365-9E946FAED0C1}.dll, Do karantény, [3d9abc17990086b0b6f1a9f57c85659b],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{A360680B-E5A3-421F-9B11-CF18832203D9}.dll, Do karantény, [795e33a09bfe0f27eef6662f3ac79e62],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{A64C0CDA-13D6-4B2C-86CB-3B78B72409A6}.dll, Do karantény, [d205eee5a1f84ee81dc77d18cf32718f],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{C8BB64A4-4155-465E-BB1B-E43E5BCADDCB}.dll, Do karantény, [dff8884bc4d53afccb193a5be21f3ec2],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Temp\{F0B10559-9251-47E4-8CF6-9320740C7B98}.dll, Do karantény, [1dba478c77229c9a05df247143be20e0],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, Do karantény, [55826c670099c96dcdf77035b64cd729],
PUP.Optional.Yontoo, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, Do karantény, [7562a13281185adcedd75d481ee4f808],
PUP.Optional.UpdateAdmin, C:\Windows\Installer\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}\icon.ico, Do karantény, [9146a92a5a3f82b4b93d862bd72c3bc5],
PUP.Optional.PriceMoon, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, Do karantény, [92455281f9a0bc7aa9a4932334cf12ee],
PUP.Optional.PriceMoon, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, Do karantény, [f4e3c1124950d85e4508793d43c013ed],
PUP.Optional.OnClickAds, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage, Do karantény, [cc0b5f74e4b56acce52769520300a65a],
PUP.Optional.OnClickAds, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage-journal, Do karantény, [4097bf1448511f17d03c695282813cc4],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, Do karantény, [706711c2e9b05fd75f0303b803004eb2],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, Do karantény, [06d18b483762ed4921412f8c5fa41ee2],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Adam (Administrator) on 09-May-16 at 18:12:14.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CBE6D9A4-C180-477D-ABBE-84121D9E30D1} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09-May-16 at 18:13:52.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V12.1.6.0 (x64) [May 9 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : Adam [Administrator]
Started from : C:\Users\Adam\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 05/09/2016 18:44:59

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-651315805-1421114470-672391322-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://msi13.msn.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-651315805-1421114470-672391322-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://msi13.msn.com -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10J13T-22C9UT0 +++++
--- User ---
[MBR] b4b72cbf6223af8feb46ee862dea47dc
[BSP] 18e19f0155c267eabe106b67ea52f152 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 600 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1230848 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1845248 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2107392 | Size: 571376 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1172285440 | Size: 494 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1173297152 | Size: 450 MB
6 - Basic data partition | Offset (sectors): 1174218752 | Size: 360883 MB
7 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1913307136 | Size: 19637 MB
8 - [SYSTEM][HIDDEN!][READONLY][MAN-MOUNT] | Offset (sectors): 1953525168 | Size: 22900 MB
User = LL1 ... OK
User = LL2 ... OK

Příspěvekod **jaro3** » 09 kvě 2016 19:58

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + informuj o problémech

adam-novák · Příspěvekod **adam-novák** » 10 kvě 2016 22:09

RogueKiller V12.1.6.0 (x64) [May 9 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : Adam [Administrator]
Started from : C:\Users\Adam\Desktop\PC-Help\RogueKillerX64.exe
Mode : Delete -- Date : 05/10/2016 21:17:53

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-651315805-1421114470-672391322-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://msi13.msn.com -> Replaced (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-651315805-1421114470-672391322-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://msi13.msn.com -> Replaced (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10J13T-22C9UT0 +++++
--- User ---
[MBR] b4b72cbf6223af8feb46ee862dea47dc
[BSP] 18e19f0155c267eabe106b67ea52f152 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 600 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1230848 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1845248 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2107392 | Size: 571376 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1172285440 | Size: 494 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1173297152 | Size: 450 MB
6 - Basic data partition | Offset (sectors): 1174218752 | Size: 360883 MB
7 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1913307136 | Size: 19637 MB
8 - [SYSTEM][HIDDEN!][READONLY][MAN-MOUNT] | Offset (sectors): 1953525168 | Size: 22900 MB
User = LL1 ... OK
User = LL2 ... OK

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Adam on 10-May-16 at 21:33:24.56.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adam\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10-May-16 9:34:02 PM Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Adam\AppData\Local\ActiveSync deleted successfully
C:\Users\Adam\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\extensions deleted
C:\PROGRA~3\fontcacheev1.dat deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Public\Documents\dmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted

==== Chromium Look ======================

AdBlock - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Fix ======================

C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_innovatedirect-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_innovatedirect-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexc.net_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexc.net_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_voxfind.com_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_voxfind.com_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{CBE6D9A4-C180-477D-ABBE-84121D9E30D1}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CBE6D9A4-C180-477D-ABBE-84121D9E30D1}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{CBE6D9A4-C180-477D-ABBE-84121D9E30D1}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{CBE6D9A4-C180-477D-ABBE-84121D9E30D1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{CBE6D9A4-C180-477D-ABBE-84121D9E30D1}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{CBE6D9A4-C180-477D-ABBE-84121D9E30D1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adam\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Adam\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Adam\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Adam\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=55 folders=37 32582312 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Adam\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 10-May-16 at 21:58:05.82 ======================

Ahoj,

chci se zeptat, nemám radši poslat notebook do servisu?

Jelikož změna ve vyskakujících oknech je minimální. Používám Chrome a ten je neskutečně otravný s tím, že kamkoliv kliknu, tak mi vyskočí reklama...

Jinak jestli si myslíš, že jsme už u konce, tak to dokončíme. :)

Děkuji moc za tvojí dočasnou pomoc.

Zjistil jsem, že příčinou by mohl být nějaký Innovate Direct, protože u všech reklam které mám na obrazovce, tak na nich je
napsáno: Powered by Innovate Direct Ads.

Našel jsem ho v notebooku uložený, ale nejde vymazat, jelikož je prý používán v jiném programu.

Asi se nainstaloval Dns Unlocker a jak sem četl, tak je prý težko odinstalovatelný.

Díky předem za odpověď.

Adam

Příspěvekod **jaro3** » 10 kvě 2016 22:32

Vlož nový log z HJT

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Problém s reklamama v prohlížeči

Problém s reklamama v prohlížeči

Re: Problém s reklamama v proůhlížeči

Re: Problém s reklamama v prohlížeči

Re: Problém s reklamama v prohlížeči

Re: Problém s reklamama v prohlížeči

Re: Problém s reklamama v prohlížeči

Re: Problém s reklamama v prohlížeči

Re: Problém s reklamama v prohlížeči

Kdo je online