Log check


Post by leoni_das » 12 Nov 2016 19:43

Hello, please check my log. My computer has been running quite badly lately. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:39, on 12. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Users\Leoš\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Users\Leoš\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Users\Leoš\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Leoš\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Leoš\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Leoš\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Leoš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: GoPro Importer.lnk = C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ANSYS, Inc. License Manager - ANSYS, Inc. - C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
O23 - Service: ANSYS Licensing Tomcat (ANSYSLicensingTomcat) - Apache Software Foundation - C:\Program Files\ANSYS Inc\Shared Files\Licensing\tools\tomcat\bin\tomcat7.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Avira System Speedup (SpeedupService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14981 bytes

Post by jaro3 » 13 Nov 2016 09:36

Uninstall:
Spybot - Search and Destroy

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan, click "Logfile"; the "Log Manager" window appears, then double-click the corresponding log, which will open. (Otherwise it is saved on the system drive as C:\AdwCleaner [C?].txt.) Paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, uncheck "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- If the program is not up to date, click "Update Now" or "Fix Now".
- an update will be found and installed.
- then click Scan Now
- after the program finishes, a message appears at the bottom right; click Save Results, choose Copy to Clipboard and paste the entire log here. Or click "Text file (.txt)" and save the log.
- otherwise the log is located here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- then click the Finish button and close the program with the cross at the top right.
(do not delete anything yet!).
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.

Post by leoni_das » 13 Nov 2016 20:52

# AdwCleaner v6.030 - Log soubor vytvořen 13/11/2016 na 20:10:05
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-13.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Leoš - LEO
# Beží od : C:\Users\Leoš\Desktop\AdwCleaner.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Adresáře ] *****

Složka nalezena: C:\Users\Leoš\AppData\Local\globalUpdate
Složka nalezena: C:\Users\Leoš\AppData\Local\SweetLabs App Platform
Složka nalezena: C:\Program Files\Booking.com
Složka nalezena: C:\ProgramData\pokki
Složka nalezena: C:\ProgramData\Pokki
Složka nalezena: C:\Users\Default User\AppData\Local\Pokki
Složka nalezena: C:\Users\Default\AppData\Local\Pokki
Složka nalezena: C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kcdeaofcapijfmeopimkgcepdpbdepnb_0
Složka nalezena: C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kcdeaofcapijfmeopimkgcepdpbdepnb


***** [ Soubory ] *****

Soubor nalezen: C:\Users\Leoš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Soubor nalezen: C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Soubor nalezen: C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.


***** [ Plánovač úloh ] *****

Úkol nalezen: SweetLabs App Platform
Úkol nalezen: ACC
Úkol nalezen: Software Update Application


***** [ Registry ] *****

Hodnota nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [CinemaP-1.9cV20.01-bg.exe]
Klíč nalezen: HKLM\SOFTWARE\59d8ae63-c2ef-4077-818a-2ef782f82d9f
Klíč nalezen: HKLM\SOFTWARE\b0c3fcf8-10e4-4ffa-87dc-238a8a2abd20
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05cad991-13a5-4346-bf9b-25a2d6f50de0}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca052a63-1bd3-4cd2-aa27-9c525a1e96da}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05cad991-13a5-4346-bf9b-25a2d6f50de0}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca052a63-1bd3-4cd2-aa27-9c525a1e96da}
Klíč nalezen: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\Classes\pokki
Klíč nalezen: HKCU\Software\Classes\pokki
Klíč nalezen: [x64] HKCU\Software\Classes\pokki
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč nalezen: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\SweetLabs App Platform
Klíč nalezen: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Klíč nalezen: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Klíč nalezen: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Klíč nalezen: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
Klíč nalezen: HKCU\Software\SweetLabs App Platform
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Klíč nalezen: [x64] HKCU\Software\SweetLabs App Platform
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Hodnota nalezena: HKU\S-1-5-21-4139521740-1720155892-3710605140-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
Klíč nalezen: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Klíč nalezen: HKCU\Software\Classes\Directory\shell\pokki
Klíč nalezen: HKCU\Software\Classes\Drive\shell\pokki
Klíč nalezen: HKCU\Software\Classes\lnkfile\shell\pokki
Klíč nalezen: HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč nalezen: HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Chromium nastavení nalezeno: [C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chromium nastavení nalezeno: [C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Web data] - yahoo.com
Chromium nastavení nalezeno: [C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - kcdeaofcapijfmeopimkgcepdpbdepnb

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [6485 Bajtů] - [13/11/2016 20:10:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6559 Bajtů] ##########



____________________________________



Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13. 11. 2016
Čas skenování: 20:19
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.13.05
Databáze rootkitů: v2016.10.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Leoš

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 358267
Uplynulý čas: 27 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 47
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [2f9afdc24753aa8c9fe77235f809e21e],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [2f9afdc24753aa8c9fe77235f809e21e],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [2f9afdc24753aa8c9fe77235f809e21e],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [923712adfb9f69cdb7da188fbd445fa1],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [923712adfb9f69cdb7da188fbd445fa1],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [62674d724e4cef47c9ca9a0dd52c05fb],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [62674d724e4cef47c9ca9a0dd52c05fb],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [a6235b64fb9fdd595040efb8c53cba46],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{05CAD991-13A5-4346-BF9B-25A2D6F50DE0}, , [8c3df5ca673342f47fae2a5c4ab8748c],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA052A63-1BD3-4CD2-AA27-9C525A1E96DA}, , [a128ba057a20ca6c909fe0a6b9494cb4],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2F8E76E0-0386-48B7-8004-5665EFE5E29E}, , [8742536c1f7b82b41d002ca831d1fb05],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C02997C-20B7-4795-8610-5D55AA80159A}, , [af1ae3dc28725dd92bf2bc18c63c16ea],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6690A35F-00C9-4CB7-A6DE-CFA69A75EC75}, , [6663645b8911cb6bf825c21222e0f60a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6C9D829D-C58F-4629-83CF-93114BA7869E}, , [cbfec7f8fd9de84efa23963e976b45bb],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B51B7E20-F087-4674-9338-CE1E8CCB5276}, , [359436893169f24432ebdcf8c33fc53b],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C03DCFF9-E883-4A1F-803F-367E04A92854}, , [dcedf4cb1189ba7c41dc04d07e848779],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E5E4417D-184F-4CF5-930B-903C0A1FA084}, , [aa1fad12d7c367cfd34ad400a45e20e0],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-1, , [fecb6956e5b5e84ebc745b2b857d9967],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-11, , [a22727988614eb4b929ed3b3a1612fd1],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-2, , [a128af10970385b1d55bcfb748baa35d],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-3, , [25a48738b8e20432919f3452946e7090],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-5, , [7455942b72288ea8f23e8ef8be44669a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-6, , [2b9e853a5743e65039f78cfa17eb2ad6],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\4eafeb29-800e-4c0c-b826-caa72a9d2631-7, , [6762fec1356555e1ed43b1d5c53d9e62],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{05CAD991-13A5-4346-BF9B-25A2D6F50DE0}, , [dfea457a61396fc7210c770f35cdbc44],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA052A63-1BD3-4CD2-AA27-9C525A1E96DA}, , [6465645b49513303f33cc8bebc4637c9],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [f9d0d2edefab76c096523c4e32d0ca36],

Hodnoty registru: 28

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Booking, C:\Program Files\Booking.COM, , [9f2a07b84753b38386bdeb6fbf44e51b],

Soubory: 19

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

_______________________


Thank you for the reply. Spybot has been uninstalled and I am posting the logs as instructed. I have not deleted anything in either program yet.

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: log - check

Post by jerabina » 13 Nov 2016 23:58

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan", and after the scan click "Vymazat-Clean".

The program will perform the repair; after the automatic restart it will not display the log (C:\AdwCleaner [C?].txt); paste its entire contents here.

Run MbAM again and choose "Scan Now".
- When the program finishes, a prompt will appear; click "Quarantine All (Remove Selected)" and then "Export Log", choose "Text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved on the desktop.
Please copy its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8 and 10, run RogueKiller.exe as administrator; on XP, double-click it.
- Click "Start Scan". In the new window, do not change anything and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and run, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and post it across several posts.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

