prosím o kontrolu, zlobí režim spánku

vanis24 · Příspěvekod **vanis24** » 24 črc 2016 00:37

Při probuzení ze spánku věží na strašně vysoký výkon a také blbne grafika a zvuk.
předem děkuji za náhled a pomoc.
Pavel

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:31:42, on 24. 7. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0494)

FIREFOX: 47.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Uživatel\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Uživatel\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/resul ... =repair&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/resul ... =repair&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/resul ... =repair&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - (no file)
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: (no name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Universal Camera Driver_Monitor] "C:\Program Files (x86)\HP Universal Camera Driver\monitor.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup
O4 - HKCU\..\Run: [icq] C:\Users\Uživatel\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Uživatel\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Uživatel\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Uživatel\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/09/23 00:11:40 (CLKMSVC10_38F51D56) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Služba DigitalPersona Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Auditování/zamknutí zařízení nástroje HP ProtectTools (FLCDLOCK) - Hewlett-Packard Company - C:\WINDOWS\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem18.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 20710 bytes

Reklama

Příspěvekod **Orcus** » 24 črc 2016 01:36

Odinstaluj Spy Emergency - jeho funkci už zastává Avira.

===================================================

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na tlačítko "Logfile" načež se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
- Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:

Aktualizace Malwarebytes' Anti-Malware
Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec

- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

vanis24 · Příspěvekod **vanis24** » 24 črc 2016 21:55

# AdwCleaner v5.201 - Log vytvořen 24/07/2016 v 21:38:52
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-24.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : Pavel - NB-WIN8
# Spuštěno z : C:\Users\Uživatel\Desktop\AdwCleaner.exe
# Nastavení : Sken
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

Služba Nalezeno : PanService

***** [ Složky ] *****

Složka Nalezeno : C:\ProgramData\BitGuard
Složka Nalezeno : C:\ProgramData\Browser Manager
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\Conduit
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\ProgramData\systemk
Složka Nalezeno : C:\ProgramData\Tarma Installer
Složka Nalezeno : C:\ProgramData\torchcrashhandler
Složka Nalezeno : C:\ProgramData\wincert
Složka Nalezeno : C:\ProgramData\ytd video downloader
Složka Nalezeno : C:\ProgramData\7243239280829360841
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\globalUpdate
Složka Nalezeno : C:\Program Files (x86)\GreenTree Applications
Složka Nalezeno : C:\Program Files (x86)\ICQ6Toolbar
Složka Nalezeno : C:\Program Files (x86)\Linkey
Složka Nalezeno : C:\Program Files (x86)\PANDORA.TV
Složka Nalezeno : C:\Program Files (x86)\Settings Manager
Složka Nalezeno : C:\Program Files (x86)\SmartTweak
Složka Nalezeno : C:\Program Files (x86)\TheGoPhoto.it V10
Složka Nalezeno : C:\Program Files (x86)\TheTorntv V10
Složka Nalezeno : C:\Program Files (x86)\TheTorntv V10
Složka Nalezeno : C:\Users\Uživatel\AppData\Local\globalUpdate
Složka Nalezeno : C:\Users\Uživatel\AppData\Local\SwvUpdater
Složka Nalezeno : C:\Users\Uživatel\AppData\Local\torch
Složka Nalezeno : C:\Users\Uživatel\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\Betcat
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\SkypEmoticons
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\WebCake
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Složka Nalezeno : C:\Users\Uživatel\AppData\Local\globalUpdate
Složka Nalezeno : C:\Users\Uživatel\AppData\Local\SwvUpdater
Složka Nalezeno : C:\Users\Uživatel\AppData\Local\torch
Složka Nalezeno : C:\Users\Uživatel\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\Betcat
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\SkypEmoticons
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\WebCake
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Složka Nalezeno : C:\extensions

***** [ Soubory ] *****

Soubor Nalezeno : C:\END
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml
Soubor Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
Soubor Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
Soubor Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
Soubor Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
Soubor Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
Soubor Nalezeno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : AmiUpdXp
Úloha Nalezeno : BackgroundContainer Startup Task

***** [ Registry ] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Klíč Nalezeno : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\TorchVLC
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r1207-n-bf.exe
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Klíč Nalezeno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.Protector
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíč Nalezeno : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíč Nalezeno : HKCU\Software\BackgroundContainer
Klíč Nalezeno : HKCU\Software\Conduit
Klíč Nalezeno : HKCU\Software\GetPrivate
Klíč Nalezeno : HKCU\Software\Linkey
Klíč Nalezeno : HKCU\Software\powerpack
Klíč Nalezeno : HKCU\Software\smarttweak
Klíč Nalezeno : HKCU\Software\Softonic
Klíč Nalezeno : HKCU\Software\SystemK
Klíč Nalezeno : HKCU\Software\torch
Klíč Nalezeno : HKCU\Software\WEBAPP
Klíč Nalezeno : HKCU\Software\Mail.Ru
Klíč Nalezeno : HKCU\Software\GreenTree Applications\YTD
Klíč Nalezeno : HKCU\Software\Systemk
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
Klíč Nalezeno : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klíč Nalezeno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKCU\Software\AppDataLow\Toolbar
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\BackgroundContainer
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\Mail.Ru
Klíč Nalezeno : HKLM\SOFTWARE\Conduit
Klíč Nalezeno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Linkey
Klíč Nalezeno : HKLM\SOFTWARE\SystemK
Klíč Nalezeno : HKLM\SOFTWARE\torch
Klíč Nalezeno : HKLM\SOFTWARE\Webexp Enhanced
Klíč Nalezeno : HKLM\SOFTWARE\Mail.Ru
Klíč Nalezeno : HKLM\SOFTWARE\Systemk
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Linkey
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Tarma Installer
Klíč Nalezeno : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\BackgroundContainer
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Conduit
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\GetPrivate
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Linkey
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\powerpack
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\smarttweak
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Softonic
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\SystemK
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\torch
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\WEBAPP
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Mail.Ru
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\GreenTree Applications\YTD
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Systemk
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\AppDataLow\Toolbar
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\AppDataLow\Software\BackgroundContainer
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\AppDataLow\Software\Mail.Ru
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Klíč Nalezeno : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Data Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Data Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxps://safesearch.avira.com/#web/resul ... =repair&q=
Hodnota Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0E7FA4F7-1C6B-4ACF-B2AD-94EA46C842B3}]
Hodnota Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5F61795D-194F-44D2-8756-ECBDF9496E23}]
Hodnota Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F0161E02-B6FA-4512-BAAE-62F638E7D2D9}]
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\SearchScopes\{7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}
Data Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}
Klíč Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Hodnota Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [BackgroundContainer]
Hodnota Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Guard.Mail.ru.gui]
Hodnota Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [iLivid]
Hodnota Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpeedUpMyComputer]
Hodnota Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [UpdateMyDrivers]
Hodnota Nalezeno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WebCake Desktop]
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService

***** [ Prohlížeče ] *****

[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : default-search.net
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : ask.com
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : mystartsearch.com
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : mystartsearch
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Nalezeno : hxxp://www.mystartsearch.com/?type=hp&t ... 18AEZL18AX
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : fcfenmboojpjinhpgggodefccipikbpd
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : default-search.net
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : ask.com
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : mystartsearch.com
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : mystartsearch
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Nalezeno : hxxp://www.mystartsearch.com/?type=hp&t ... 18AEZL18AX
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : fcfenmboojpjinhpgggodefccipikbpd

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [20500 bytů] - [24/07/2016 21:38:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [20574 bytů] ##########

vanis24 · Příspěvekod **vanis24** » 24 črc 2016 22:21

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 7. 2016
Čas skenování: 21:45
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.07.24.06
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 439801
Uplynulý čas: 31 min, 43 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 120
PUP.Optional.Linkey, HKLM\SOFTWARE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [6175190e0892f83ea8026d2310f2a55b],
PUP.Optional.Linkey, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [6175190e0892f83ea8026d2310f2a55b],
PUP.Optional.Linkey, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [6175190e0892f83ea8026d2310f2a55b],
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\APPID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}, , [c115d750039772c4f7f4761d32d0eb15],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}, , [c115d750039772c4f7f4761d32d0eb15],
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}, , [c115d750039772c4f7f4761d32d0eb15],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}, , [d9fd51d63f5b1521f4f9f2a17f8355ab],
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}, , [d9fd51d63f5b1521f4f9f2a17f8355ab],
PUP.Optional.WebCake, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, , [c610f532abef2f07f7f5a6ed53afc739],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{AF6B0594-6008-4327-93E5-608AD710A6FA}, , [c610f532abef2f07f7f5a6ed53afc739],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}, , [cd0931f608926acc3a51840ca55f639d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT3289075, , [cd0931f608926acc3a51840ca55f639d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT3289075, , [cd0931f608926acc3a51840ca55f639d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar.CT3289075, , [cd0931f608926acc3a51840ca55f639d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}, , [cd0931f608926acc3a51840ca55f639d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CD90659F-D5B2-4104-9504-7CA36E6532DF}, , [cd0931f608926acc3a51840ca55f639d],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, , [2caa52d5e9b1181ed17773247b88b947],
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\APPID\WebCakeIEClient.DLL, , [518582a5dac014229532982338cbe51b],
PUP.Optional.WebCake, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\WebCakeIEClient.DLL, , [84528e99a8f2b383d9eee2d9d231d729],
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\LINKEY, , [f6e079ae7822d660169f7f61798aca36],
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, , [b71f6bbc02981026ae9caa318182c838],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE, , [be18091e3f5bb38395b5921426dd27d9],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE, , [5482b374b2e820165fec36701ce760a0],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE, , [8b4b1c0be0babb7b59f35551ae559a66],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSEMNGR.EXE, , [498d93942c6ee94d84c99b0b1ce7e31d],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE, , [70664fd82d6d52e490be9c0acf3435cb],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERMNGR.EXE, , [73636bbce9b1bb7bb6997a2cfc0752ae],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE, , [c3134addbbdf67cf10403b6b37cc9f61],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE, , [fed805221882112563eed6d05aa938c8],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BUNDLESWEETIMSETUP.EXE, , [c313b96e3d5dd066183a5b4b9b681de3],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CLTMNGSVC.EXE, , [ddf967c0f4a65adc153fe4c245be619f],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA BABYLON.EXE, , [e7effb2cdbbf3bfbef67edb9dc2747b9],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA TB.EXE, , [a036d55278220234d483bde9d33015eb],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA2.EXE, , [35a16bbc4258b680e078c0e6778c2cd4],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTAINSTALLER.EXE, , [7462e2453367300661f83f677b881be5],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTASETUP.EXE, , [f7df4dda7a20b77f6cee6541c340f10f],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTATB.EXE, , [29adb0779a004ee86eed277f55ae758b],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTATB_2501-C733154B.EXE, , [607635f23c5e52e417453e68ef14f50b],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE, , [399d69beaeec999d3c23248204ff7789],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IMINENTSETUP.EXE, , [dff7ba6d8f0b6dc9690fb5f144bf2ad6],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP, , [558130f7fd9d75c11d5df5b11ee5669a],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE, , [dbfb29fec8d291a59be4159122e141bf],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RJATYDIMOFU.EXE, , [f2e487a0306a94a288f8812593705da3],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE, , [518539ee801a73c34d36f4b239ca0cf4],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE, , [f8de31f6b0eaa88edfa50e98cc3707f9],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE, , [9046ec3bf0aa63d3661f3c6a39cad22e],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE, , [775fe641d0ca56e0c5c1c3e3867da759],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE, , [fcda3ceb0595ea4cddaa099d03009967],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, , [c80e2403316916200981ddc930d32ad6],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE, , [b422969119818fa7bfcd8d199b6840c0],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE, , [1bbb43e47d1d8ea8820b03a309fa41bf],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SWEETIMSETUP.EXE, , [488ed354f6a4261017770a9c33d05aa6],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE, , [6a6ccb5cdac096a06d283472bd4652ae],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE, , [f9dd05222a70c670f5a1d3d37d86a25e],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, , [9f37d453f1a92d090691871f7f8439c7],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, , [607607208911c17502966f37e91a4db3],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE, , [21b5b0772575a690e0b9d2d40ef523dd],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE, , [c90dbc6b3862e94d2278d8ce3cc735cb],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{476790AB-C174-44E3-AFCE-84917AFA2267}, , [cb0b9e8989110f273a65a14fe41f9f61],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BackgroundContainer Startup Task, , [19bdb374108ae74f3d16aa2f8d75c739],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [c1153bec53476bcbf689ce0bcf34f50b],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1, , [5a7c90978a104beb52d7b8f27f84e21e],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home540, , [825487a00298d75f86a2f5b50df60ff1],
PUP.Optional.SystemK, HKLM\SOFTWARE\WOW6432NODE\SystemK, , [785e6eb90d8de05604245d5b788bf907],
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\WOW6432NODE\uTorrentControl_v6, , [14c237f062382a0cdc7b00baa55ec23e],
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\WebexpEnhancedV1, , [86509394c4d6b77f4993ab1022e10cf4],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, , [894d28ffdbbfec4a1335c7d055ae966a],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\WebCakeIEClient.DLL, , [8f47c067653552e43a8da81323e04fb1],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, , [2bab67c0a6f455e19b2fa318a65d54ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mmifolfpllfdhilecpdpmemhelmanajl, , [e4f2cf58306acf67c6e4405830d30bf5],
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\KMEHOCPCKJCKDKFDHHHAIJKHPJKMNHDG, , [379f2cfb5f3ba195f235e2c8c1429a66],
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\LINKEY, , [13c3a4830c8e95a1feb7e1ff11f2a759],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EBD29DE-0F87-4599-86B0-FEF7EE93311C}, , [6d69d057aceee6503ab4cbd1768d08f8],
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, , [9e3830f7287263d31238fcdfd231b64a],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE, , [904656d1f4a65ed87fcb26807f84b64a],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE, , [cd0914132476270f78d3782e649f2ed2],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE, , [f4e297903763f83ed27a51550df657a9],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSEMNGR.EXE, , [e8ee4ed9bedc0b2b1934c0e6aa59649c],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE, , [e8ee85a2475312243c124264c53e3cc4],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERMNGR.EXE, , [00d6e3440595c670440bc3e31ce701ff],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE, , [6e68b96eefab45f10848b8ee5aa9ce32],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE, , [4f8752d5bddd5cdaa2af6541b1526e92],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BUNDLESWEETIMSETUP.EXE, , [1db92205a1f9d6600c46b0f6eb186898],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CLTMNGSVC.EXE, , [ca0cce59b6e41224391b9e087291b14f],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA BABYLON.EXE, , [9e384cdb5149320482d405a161a28977],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA TB.EXE, , [f0e6c067dac064d214430a9c8c775ca4],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA2.EXE, , [9244b07737634ee85800acfacc376d93],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTAINSTALLER.EXE, , [0dc9af7874261620df7a9f0712f1ca36],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTASETUP.EXE, , [d7ffcc5b5c3ea78f36242b7b8a7922de],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTATB.EXE, , [2aac9c8b6535d75f6cef297dd72cd729],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTATB_2501-C733154B.EXE, , [4d89e74017831521104c5e48be453fc1],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE, , [8353f92efaa0a294154a9d092ad98080],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IMINENTSETUP.EXE, , [be18f235c7d3d462294f1e88986b748c],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP, , [b81e2304cdcd4aec02784f577093cf31],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE, , [ab2b23046931013589f62680778cfa06],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RJATYDIMOFU.EXE, , [568091961288270f463adacc19eaf907],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE, , [5185e0476a30be78285b6f37946f28d8],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE, , [4d892bfce2b88caa374db3f3be4539c7],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE, , [a630969117839a9c0184099df013b947],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE, , [7e5884a3fe9cde58bec86145b2516b95],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE, , [2da9bb6c178390a67611d3d3c0439967],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, , [76601e09c3d7cc6a7a108b1b10f3e51b],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE, , [a4325ccb4159cc6a0488d8ce13f0a060],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE, , [20b6a5825a40a78f2a63fcaa6c9715eb],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SWEETIMSETUP.EXE, , [b323f136bbdf37ff5836891d4ab97a86],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE, , [676f8a9d534755e1cfc69313a85b6799],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE, , [6b6bd4538317b0861e783e6854af718f],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, , [e4f28d9a7a20f34317807432867df10f],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, , [1bbb9c8b5c3ead8950482482ca39b14f],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE, , [e2f4ea3dc2d8171f77229412ca39649c],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE, , [ad29b671b2e87eb88713a501cd3613ed],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [e5f11314603ab77fe29d2eab17ec31cf],
PUP.Optional.SettingsManager, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, , [c41242e5b6e4a393acf35a5a44bf0ff1],
PUP.Optional.SystemK, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\SystemK, , [7c5a67c0bddd75c18e9913a5af5440c0],
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [5f77ae791b7fae8885e6fbbc9f64e31d],
PUP.Optional.Linkey.AppFlsh, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\LINKEY, , [43936dba910991a5ae04885839ca6799],
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, , [b91da78096042115d772508be71cd729],
PUP.Optional.ICQ, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [2bab0621b6e461d5e34d970f9f64ed13],
PUP.Optional.Spigot, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}, , [a5312afd29715adc5a254175dc27837d],
PUP.Optional.Linkey.AppFlsh, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [c313fe29851572c4eac96878a75c7c84],

vanis24 · Příspěvekod **vanis24** » 24 črc 2016 22:22

Hodnoty registru: 104
PUP.Optional.uTorrentControl, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{96f454ea-9d38-474f-b504-56193e00c1a5}, , [b91d9097e6b469cd476dafe44cb6cf31],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{96F454EA-9D38-474F-B504-56193E00C1A5}, , [b91d9097e6b469cd476dafe44cb6cf31],
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{96F454EA-9D38-474F-B504-56193E00C1A5}, uTorrentControl_v6 Toolbar, , [b91d9097e6b469cd476dafe44cb6cf31]
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{96F454EA-9D38-474F-B504-56193E00C1A5}, , [b91d9097e6b469cd476dafe44cb6cf31],
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{96f454ea-9d38-474f-b504-56193e00c1a5}, , [884e6abd7624d462b9fb128120e2e020],
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{96f454ea-9d38-474f-b504-56193e00c1a5}, , [5a7cad7ab2e847ef585ce0b353af837d],
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\LINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js, , [f6e079ae7822d660169f7f61798aca36]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, http://www.default-search.net/search?si ... &src=ds&p={searchTerms}, , [b71f6bbc02981026ae9caa318182c838]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, , [36a0af78dfbb0a2c020787199f640df3]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, http://www.default-search.net?sid=476&a ... &src=ds&p={searchTerms}&ft=json, , [4d89bc6b366467cfa168e2be030002fe]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, , [be18091e3f5bb38395b5921426dd27d9]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE|debugger, tasklist.exe, , [5482b374b2e820165fec36701ce760a0]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE|debugger, tasklist.exe, , [8b4b1c0be0babb7b59f35551ae559a66]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSEMNGR.EXE|debugger, tasklist.exe, , [498d93942c6ee94d84c99b0b1ce7e31d]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE|debugger, tasklist.exe, , [70664fd82d6d52e490be9c0acf3435cb]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERMNGR.EXE|debugger, tasklist.exe, , [73636bbce9b1bb7bb6997a2cfc0752ae]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE|debugger, tasklist.exe, , [c3134addbbdf67cf10403b6b37cc9f61]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE|debugger, tasklist.exe, , [fed805221882112563eed6d05aa938c8]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BUNDLESWEETIMSETUP.EXE|debugger, tasklist.exe, , [c313b96e3d5dd066183a5b4b9b681de3]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CLTMNGSVC.EXE|debugger, tasklist.exe, , [ddf967c0f4a65adc153fe4c245be619f]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA BABYLON.EXE|debugger, tasklist.exe, , [e7effb2cdbbf3bfbef67edb9dc2747b9]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA TB.EXE|debugger, tasklist.exe, , [a036d55278220234d483bde9d33015eb]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA2.EXE|debugger, tasklist.exe, , [35a16bbc4258b680e078c0e6778c2cd4]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTAINSTALLER.EXE|debugger, tasklist.exe, , [7462e2453367300661f83f677b881be5]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTASETUP.EXE|debugger, tasklist.exe, , [f7df4dda7a20b77f6cee6541c340f10f]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTATB.EXE|debugger, tasklist.exe, , [29adb0779a004ee86eed277f55ae758b]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\deltatb_2501-c733154b.exe|debugger, tasklist.exe, , [607635f23c5e52e417453e68ef14f50b]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE|debugger, tasklist.exe, , [399d69beaeec999d3c23248204ff7789]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IMINENTSETUP.EXE|debugger, tasklist.exe, , [dff7ba6d8f0b6dc9690fb5f144bf2ad6]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP|debugger, tasklist.exe, , [558130f7fd9d75c11d5df5b11ee5669a]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE|debugger, tasklist.exe, , [dbfb29fec8d291a59be4159122e141bf]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RJATYDIMOFU.EXE|debugger, tasklist.exe, , [f2e487a0306a94a288f8812593705da3]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE|debugger, tasklist.exe, , [518539ee801a73c34d36f4b239ca0cf4]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE|debugger, tasklist.exe, , [f8de31f6b0eaa88edfa50e98cc3707f9]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE|debugger, tasklist.exe, , [9046ec3bf0aa63d3661f3c6a39cad22e]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE|debugger, tasklist.exe, , [775fe641d0ca56e0c5c1c3e3867da759]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE|debugger, tasklist.exe, , [fcda3ceb0595ea4cddaa099d03009967]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, , [c80e2403316916200981ddc930d32ad6]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE|debugger, tasklist.exe, , [b422969119818fa7bfcd8d199b6840c0]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE|debugger, tasklist.exe, , [1bbb43e47d1d8ea8820b03a309fa41bf]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SWEETIMSETUP.EXE|debugger, tasklist.exe, , [488ed354f6a4261017770a9c33d05aa6]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE|debugger, tasklist.exe, , [6a6ccb5cdac096a06d283472bd4652ae]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE|debugger, tasklist.exe, , [f9dd05222a70c670f5a1d3d37d86a25e]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, , [9f37d453f1a92d090691871f7f8439c7]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, , [607607208911c17502966f37e91a4db3]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE|debugger, tasklist.exe, , [21b5b0772575a690e0b9d2d40ef523dd]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE|debugger, tasklist.exe, , [c90dbc6b3862e94d2278d8ce3cc735cb]
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{476790AB-C174-44E3-AFCE-84917AFA2267}|Path, \BackgroundContainer Startup Task, , [cb0b9e8989110f273a65a14fe41f9f61]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [c1153bec53476bcbf689ce0bcf34f50b]
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kmehocpckjckdkfdhhhaijkhpjkmnhdg|path, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home540\ch\MediaWatchV1home540.crx, , [379f2cfb5f3ba195f235e2c8c1429a66]
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\LINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js, , [13c3a4830c8e95a1feb7e1ff11f2a759]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EBD29DE-0F87-4599-86B0-FEF7EE93311C}|AppPath, C:\Users\Uživatel\AppData\Local\Conduit\CT3289075, , [6d69d057aceee6503ab4cbd1768d08f8]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, http://www.default-search.net/search?si ... &src=ds&p={searchTerms}, , [9e3830f7287263d31238fcdfd231b64a]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, , [ca0c3ceb7e1c340274957927976c12ee]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, http://www.default-search.net?sid=476&a ... &src=ds&p={searchTerms}&ft=json, , [5f771611b3e77abcc148dbc5d72cd030]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, , [904656d1f4a65ed87fcb26807f84b64a]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE|debugger, tasklist.exe, , [cd0914132476270f78d3782e649f2ed2]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE|debugger, tasklist.exe, , [f4e297903763f83ed27a51550df657a9]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSEMNGR.EXE|debugger, tasklist.exe, , [e8ee4ed9bedc0b2b1934c0e6aa59649c]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE|debugger, tasklist.exe, , [e8ee85a2475312243c124264c53e3cc4]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERMNGR.EXE|debugger, tasklist.exe, , [00d6e3440595c670440bc3e31ce701ff]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE|debugger, tasklist.exe, , [6e68b96eefab45f10848b8ee5aa9ce32]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE|debugger, tasklist.exe, , [4f8752d5bddd5cdaa2af6541b1526e92]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BUNDLESWEETIMSETUP.EXE|debugger, tasklist.exe, , [1db92205a1f9d6600c46b0f6eb186898]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CLTMNGSVC.EXE|debugger, tasklist.exe, , [ca0cce59b6e41224391b9e087291b14f]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA BABYLON.EXE|debugger, tasklist.exe, , [9e384cdb5149320482d405a161a28977]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA TB.EXE|debugger, tasklist.exe, , [f0e6c067dac064d214430a9c8c775ca4]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTA2.EXE|debugger, tasklist.exe, , [9244b07737634ee85800acfacc376d93]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTAINSTALLER.EXE|debugger, tasklist.exe, , [0dc9af7874261620df7a9f0712f1ca36]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTASETUP.EXE|debugger, tasklist.exe, , [d7ffcc5b5c3ea78f36242b7b8a7922de]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DELTATB.EXE|debugger, tasklist.exe, , [2aac9c8b6535d75f6cef297dd72cd729]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\deltatb_2501-c733154b.exe|debugger, tasklist.exe, , [4d89e74017831521104c5e48be453fc1]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE|debugger, tasklist.exe, , [8353f92efaa0a294154a9d092ad98080]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IMINENTSETUP.EXE|debugger, tasklist.exe, , [be18f235c7d3d462294f1e88986b748c]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP|debugger, tasklist.exe, , [b81e2304cdcd4aec02784f577093cf31]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE|debugger, tasklist.exe, , [ab2b23046931013589f62680778cfa06]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RJATYDIMOFU.EXE|debugger, tasklist.exe, , [568091961288270f463adacc19eaf907]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE|debugger, tasklist.exe, , [5185e0476a30be78285b6f37946f28d8]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE|debugger, tasklist.exe, , [4d892bfce2b88caa374db3f3be4539c7]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE|debugger, tasklist.exe, , [a630969117839a9c0184099df013b947]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE|debugger, tasklist.exe, , [7e5884a3fe9cde58bec86145b2516b95]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE|debugger, tasklist.exe, , [2da9bb6c178390a67611d3d3c0439967]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, , [76601e09c3d7cc6a7a108b1b10f3e51b]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE|debugger, tasklist.exe, , [a4325ccb4159cc6a0488d8ce13f0a060]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE|debugger, tasklist.exe, , [20b6a5825a40a78f2a63fcaa6c9715eb]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SWEETIMSETUP.EXE|debugger, tasklist.exe, , [b323f136bbdf37ff5836891d4ab97a86]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE|debugger, tasklist.exe, , [676f8a9d534755e1cfc69313a85b6799]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE|debugger, tasklist.exe, , [6b6bd4538317b0861e783e6854af718f]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, , [e4f28d9a7a20f34317807432867df10f]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, , [1bbb9c8b5c3ead8950482482ca39b14f]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE|debugger, tasklist.exe, , [e2f4ea3dc2d8171f77229412ca39649c]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE|debugger, tasklist.exe, , [ad29b671b2e87eb88713a501cd3613ed]
PUP.Optional.BetterSurf, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@bettersurfplus.com, C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff, , [cf076fb8e8b2c175c2ec7b1d52b16b95]
PUP.Optional.WebExpEnhanced, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@WebexpEnhancedV1alpha50.net, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha50\ff, , [cf070c1b346676c01ac197249d66de22]
PUP.Optional.MediaWatch, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home540.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home540\ff, , [1fb739ee2a7059ddff2b6f3b768db54b]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [e5f11314603ab77fe29d2eab17ec31cf]
PUP.Optional.SettingsManager, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK|browser, ie, , [4d8916113e5c3ef8544cb20220e3629e]
PUP.Optional.Linkey.AppFlsh, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\LINKEY|home, C:\Program Files (x86)\Linkey, , [43936dba910991a5ae04885839ca6799]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, http://www.default-search.net/search?si ... &src=ds&p={searchTerms}, , [b91da78096042115d772508be71cd729]
PUP.Optional.ICQ, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd, , [2bab0621b6e461d5e34d970f9f64ed13]
PUP.Optional.ICQ, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, , [eee87fa85a4044f287a99e08d0339769]
PUP.Optional.Spigot, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}|URL, https://search.yahoo.com/search?fr=chr- ... =501549&p={searchTerms}, , [a5312afd29715adc5a254175dc27837d]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, , [8155c463b3e76fc75daa0d9356adf709]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1718081776-1269654210-645993998-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, http://www.default-search.net?sid=476&a ... &src=ds&p={searchTerms}&ft=json, , [7b5bc067adedbb7bb057d6caac579868]

vanis24 · Příspěvekod **vanis24** » 24 črc 2016 22:22

Data registru: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[1db9d65173271b1bc77d393e838140c0]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[bf17dc4b0298bb7b63e1e691f70da858]

Složky: 226
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7243239280829360841, , [18be5ec9bddd1c1a150a95ff53b025db],
PUP.Optional.CrossRider, C:\Program Files (x86)\TheGoPhoto.it V10, , [13c353d4a9f1f1453881bbe39271c33d],
PUP.Optional.CrossRider, C:\Program Files (x86)\TheTorntv V10, , [81556fb80991fb3b8534f3abe41f21df],
PUP.Optional.MultiPlug, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofekaindcmmojfnfgbpklepkjfilcep\166, , [4f87b077dbbf6bcbb31a3c70c73ce51b],
PUP.Optional.MultiPlug, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofekaindcmmojfnfgbpklepkjfilcep, , [4f87b077dbbf6bcbb31a3c70c73ce51b],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, , [10c649de6d2ded491ba69f1c2ed5916f],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache, , [10c649de6d2ded491ba69f1c2ed5916f],
PUP.Optional.WebCake, C:\Users\Uživatel\AppData\Roaming\WebCake, , [33a3161139615adcba08536856adda26],
PUP.Optional.WebCake, C:\Users\Uživatel\AppData\Roaming\WebCake\dat, , [33a3161139615adcba08536856adda26],
PUP.Optional.WebCake, C:\Users\Uživatel\AppData\Roaming\WebCake\dat\update, , [33a3161139615adcba08536856adda26],
PUP.Optional.Software.Updater, C:\Users\Uživatel\AppData\Local\SwvUpdater, , [82547ea90b8f81b562efb9054cb745bb],
PUP.Optional.DataMngr.AppFlsh, C:\ProgramData\Wincert, , [7165fe29772391a556eb419d6d9641bf],
PUP.Optional.OpenCandy, C:\Users\Uživatel\AppData\Roaming\OpenCandy, , [706635f2b5e5c175ed6baef6e31fee12],
PUP.Optional.OpenCandy, C:\Users\Uživatel\AppData\Roaming\OpenCandy\0CEEA58EBEA946A5BE496D6F1FFBE24B, , [706635f2b5e5c175ed6baef6e31fee12],
PUP.Optional.OpenCandy, C:\Users\Uživatel\AppData\Roaming\OpenCandy\352AED4B2534472F9C16B44579402E12, , [706635f2b5e5c175ed6baef6e31fee12],
PUP.Optional.OpenCandy, C:\Users\Uživatel\AppData\Roaming\OpenCandy\8427375858A94576B2ED2B7344EB24E3, , [706635f2b5e5c175ed6baef6e31fee12],
PUP.Optional.OpenCandy, C:\Users\Uživatel\AppData\Roaming\OpenCandy\87D92EBE8A864637957CF34EBF24C262, , [706635f2b5e5c175ed6baef6e31fee12],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update, , [54828b9c2773d1656ee04f5d3bc7a957],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Download, , [54828b9c2773d1656ee04f5d3bc7a957],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Install, , [54828b9c2773d1656ee04f5d3bc7a957],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Offline, , [54828b9c2773d1656ee04f5d3bc7a957],
PUP.Optional.GlobalUpdate, C:\Program Files (x86)\globalUpdate\Update\Offline\{394D4F59-E402-44C3-9939-3E6BCF8AFFFC}, , [54828b9c2773d1656ee04f5d3bc7a957],
PUP.Optional.Betcat, C:\Users\Uživatel\AppData\Roaming\Betcat, , [34a26cbbf8a284b216a898157e84d828],
PUP.Optional.Betcat, C:\Users\Uživatel\AppData\Roaming\Betcat\dat, , [34a26cbbf8a284b216a898157e84d828],
PUP.Optional.Betcat, C:\Users\Uživatel\AppData\Roaming\Betcat\dat\update, , [34a26cbbf8a284b216a898157e84d828],
PUP.Optional.Conduit, C:\ProgramData\Conduit\IE, , [19bdf136bbdf9d99c71701ae6f93bf41],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR, , [716577b0bddd6bcbf8018b2ae9192cd4],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar, , [8551e7409a00b482609bcbeab74bf709],
PUP.Optional.MediaWatch, C:\Program Files (x86)\MediaWatchV1, , [b32330f75c3ebe7807c856617a88c838],
PUP.Optional.MediaWatch, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home540, , [b32330f75c3ebe7807c856617a88c838],
PUP.Optional.MediaWatch, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home540\ch, , [b32330f75c3ebe7807c856617a88c838],
PUP.Optional.MediaWatch, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home540\ie, , [b32330f75c3ebe7807c856617a88c838],
PUP.Optional.SettingsManager, C:\Program Files (x86)\Settings Manager\systemk, , [fcda1215aaf0b6802de3219c18eae61a],
PUP.Optional.SettingsManager, C:\Program Files (x86)\Settings Manager\systemk\x64, , [fcda1215aaf0b6802de3219c18eae61a],
PUP.Optional.uTorrentControl, C:\Program Files (x86)\uTorrentControl_v6, , [d105cf58d0ca55e111abf5ca867c916f],
PUP.Optional.uTorrentControl, C:\Users\Uživatel\AppData\LocalLow\uTorrentControl_v6, , [24b22106623886b0467888372fd3659b],
PUP.Optional.uTorrentControl, C:\Users\Uživatel\AppData\LocalLow\uTorrentControl_v6\Logs, , [24b22106623886b0467888372fd3659b],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ch, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ff, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ff\chrome, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ff\chrome\content, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ff\chrome\content\icons, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ff\chrome\content\icons\default, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.VideoPlayer, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta86\ie, , [e7ef41e67e1cc86edc15eed13cc602fe],
PUP.Optional.DataMngr.AppFlsh, C:\Users\Uživatel\AppData\LocalLow\DataMngr, , [676fc46398022115167c3f8526dc669a],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer, , [f2e4bd6ac0da4ee8c7e1a2228d754bb5],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}, , [f2e4bd6ac0da4ee8c7e1a2228d754bb5],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache, , [f2e4bd6ac0da4ee8c7e1a2228d754bb5],
PUP.Optional.CrossRider, C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieejjmmgeihokfnlipbofpgnajfkdbbo, , [9b3b29fe42582f0740dce9dc2ad8b848],
PUP.Optional.CrossRider, C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieejjmmgeihokfnlipbofpgnajfkdbbo\1.26.9_0, , [9b3b29fe42582f0740dce9dc2ad8b848],
PUP.Optional.CrossRider, C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieejjmmgeihokfnlipbofpgnajfkdbbo\1.26.9_0\extensionData, , [9b3b29fe42582f0740dce9dc2ad8b848],
PUP.Optional.CrossRider, C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieejjmmgeihokfnlipbofpgnajfkdbbo\1.26.9_0\icons, , [9b3b29fe42582f0740dce9dc2ad8b848],
PUP.Optional.CrossRider, C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieejjmmgeihokfnlipbofpgnajfkdbbo\1.26.9_0\icons\actions, , [9b3b29fe42582f0740dce9dc2ad8b848],
PUP.Optional.CrossRider, C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieejjmmgeihokfnlipbofpgnajfkdbbo\1.26.9_0\js, , [9b3b29fe42582f0740dce9dc2ad8b848],
PUP.Optional.Conduit, C:\Users\Uživatel\AppData\LocalLow\Conduit, , [ab2bb473cdcd5fd76dbb3493857d21df],
PUP.Optional.Conduit, C:\Users\Uživatel\AppData\LocalLow\Conduit\Community Alerts, , [ab2bb473cdcd5fd76dbb3493857d21df],
PUP.Optional.Conduit, C:\Users\Uživatel\AppData\LocalLow\Conduit\Community Alerts\Log, , [ab2bb473cdcd5fd76dbb3493857d21df],
PUP.Optional.ConduitTB.Gen, C:\ProgramData\Conduit, , [2fa7a483683267cfc7060abdef130ff1],
PUP.Optional.ConduitTB.Gen, C:\ProgramData\Conduit\Multi, , [2fa7a483683267cfc7060abdef130ff1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ar, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\bg, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ca, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\cs, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\da, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\de, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\el, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\en_GB, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\en_US, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\es, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\es_419, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\et, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\fi, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\fil, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\fr, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\he, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\hi, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\hu, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\id, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\it, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ja, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ko, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\lt, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\lv, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ms, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\nl, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\no, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\pl, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\pt_BR, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\pt_PT, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ro, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\ru, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\sk, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\sl, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\sr, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\sv, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\th, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\tr, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\uk, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\vi, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\zh_CN, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_locales\zh_TW, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\_metadata, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake, , [09cd43e4bae0e0568d2b851627ddeb15],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common\libs, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common\mocks, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common\scripts, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common\skin, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common\skin\css, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\common\skin\img, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\scripts, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ar, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\be, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\bg, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\bn, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ca, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\cs, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\da, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\de, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\el, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\en, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\en_GB, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\es, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\et, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\fa, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\fi, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\fr, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\he, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\hi, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\hr, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\hu, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\id, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\it, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ja, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ko, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\lt, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\lv, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ms, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\nb, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\nl, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\pl, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\pt_BR, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\pt_PT, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ro, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ru, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\sk, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\sl, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\sr, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\sv, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\th, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\tr, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\uk, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\ur, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\vi, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\zh_CN, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\_locales\zh_TW, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki, , [5680a285504af93d9523a8f3a361857b],
PUP.Optional.MediaWatch, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmehocpckjckdkfdhhhaijkhpjkmnhdg\1.1_0, , [dafc45e22575eb4b47880f8b5da77d83],
PUP.Optional.MediaWatch, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmehocpckjckdkfdhhhaijkhpjkmnhdg\1.1_0\images, , [dafc45e22575eb4b47880f8b5da77d83],
PUP.Optional.MediaWatch, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmehocpckjckdkfdhhhaijkhpjkmnhdg, , [dafc45e22575eb4b47880f8b5da77d83],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0, , [ce0840e70595f343a810306bc83ca65a],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl, , [ce0840e70595f343a810306bc83ca65a],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13307_0, , [ce0840e70595f343a810306bc83ca65a],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW, , [1eb81017267447ef4d6bcdce5aaa1fe1],
PUP.Optional.HijackModifiedExtension, C:\Users\Guest.NB-Win8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, , [1eb81017267447ef4d6bcdce5aaa1fe1],

vanis24 · Příspěvekod **vanis24** » 24 črc 2016 22:22

to by mělo být vše

Příspěvekod **jaro3** » 25 črc 2016 10:14

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

vanis24 · Příspěvekod **vanis24** » 27 črc 2016 19:01

# AdwCleaner v5.201 - Log vytvořen 27/07/2016 v 18:54:53
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-27.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : Pavel - NB-WIN8
# Spuštěno z : C:\Users\Uživatel\Desktop\AdwCleaner.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : PanService

***** [ Složky ] *****

[+] Složka Smazáno : C:\ProgramData\BitGuard
[+] Složka Smazáno : C:\ProgramData\Browser Manager
[+] Složka Smazáno : C:\ProgramData\BrowserProtect
[-] Složka Smazáno : C:\ProgramData\Conduit
[-] Složka Smazáno : C:\ProgramData\ICQ\ICQToolbar
[-] Složka Smazáno : C:\ProgramData\systemk
[-] Složka Smazáno : C:\ProgramData\Tarma Installer
[-] Složka Smazáno : C:\ProgramData\torchcrashhandler
[-] Složka Smazáno : C:\ProgramData\wincert
[-] Složka Smazáno : C:\ProgramData\ytd video downloader
[-] Složka Smazáno : C:\ProgramData\7243239280829360841
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Složka Smazáno : C:\Program Files (x86)\Conduit
[-] Složka Smazáno : C:\Program Files (x86)\globalUpdate
[-] Složka Smazáno : C:\Program Files (x86)\GreenTree Applications
[-] Složka Smazáno : C:\Program Files (x86)\ICQ6Toolbar
[-] Složka Smazáno : C:\Program Files (x86)\Linkey
[-] Složka Smazáno : C:\Program Files (x86)\PANDORA.TV
[-] Složka Smazáno : C:\Program Files (x86)\Settings Manager
[-] Složka Smazáno : C:\Program Files (x86)\SmartTweak
[-] Složka Smazáno : C:\Program Files (x86)\TheGoPhoto.it V10
[-] Složka Smazáno : C:\Program Files (x86)\TheTorntv V10
[#] Složka Smazáno : C:\Program Files (x86)\TheTorntv V10
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Local\globalUpdate
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Local\SwvUpdater
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Local\torch
[-] Složka Smazáno : C:\Users\Uživatel\AppData\LocalLow\Conduit
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\Betcat
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\OpenCandy
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\SkypEmoticons
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\WebCake
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
[-] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Local\globalUpdate
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Local\SwvUpdater
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Local\torch
[#] Složka Smazáno : C:\Users\Uživatel\AppData\LocalLow\Conduit
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\Betcat
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\OpenCandy
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\SkypEmoticons
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\WebCake
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
[#] Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
[-] Složka Smazáno : C:\extensions

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\END
[-] Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[-] Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml
[-] Soubor Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[-] Soubor Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[-] Soubor Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[#] Soubor Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[#] Soubor Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[#] Soubor Smazáno : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : AmiUpdXp
[-] Úloha Smazáno : BackgroundContainer Startup Task

***** [ Registry ] *****

[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\iedll.dll
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\Torch.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\TorchVLC
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r1207-n-bf.exe
[-] Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
[-] Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Updater.AmiUpd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
[-] Klíč Smazáno : HKCU\Software\BackgroundContainer
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\GetPrivate
[-] Klíč Smazáno : HKCU\Software\Linkey
[-] Klíč Smazáno : HKCU\Software\powerpack
[-] Klíč Smazáno : HKCU\Software\smarttweak
[-] Klíč Smazáno : HKCU\Software\Softonic
[-] Klíč Smazáno : HKCU\Software\SystemK
[-] Klíč Smazáno : HKCU\Software\torch
[-] Klíč Smazáno : HKCU\Software\WEBAPP
[-] Klíč Smazáno : HKCU\Software\Mail.Ru
[-] Klíč Smazáno : HKCU\Software\GreenTree Applications\YTD
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč Smazáno : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Klíč Smazáno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Toolbar
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
[-] Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Linkey
[-] Klíč Smazáno : HKLM\SOFTWARE\SystemK
[-] Klíč Smazáno : HKLM\SOFTWARE\torch
[-] Klíč Smazáno : HKLM\SOFTWARE\Webexp Enhanced
[-] Klíč Smazáno : HKLM\SOFTWARE\Mail.Ru
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Linkey
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Obnoveno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Obnoveno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0E7FA4F7-1C6B-4ACF-B2AD-94EA46C842B3}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5F61795D-194F-44D2-8756-ECBDF9496E23}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F0161E02-B6FA-4512-BAAE-62F638E7D2D9}]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7599A6FA-3DEF-48D2-A68F-510F2BE8A8B6}
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Data Obnoveno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Hodnota Smazáno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [BackgroundContainer]
[-] Hodnota Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Guard.Mail.ru.gui]
[-] Hodnota Smazáno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [iLivid]
[-] Hodnota Smazáno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpeedUpMyComputer]
[-] Hodnota Smazáno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [UpdateMyDrivers]
[-] Hodnota Smazáno : HKU\S-1-5-21-1718081776-1269654210-645993998-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WebCake Desktop]
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService

***** [ Prohlížeče ] *****

[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : default-search.net
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : ask.com
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mystartsearch.com
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mystartsearch
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Smazáno : hxxp://www.mystartsearch.com/?type=hp&t ... 18AEZL18AX
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : default-search.net
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : ask.com
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mystartsearch.com
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mystartsearch
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Smazáno : hxxp://www.mystartsearch.com/?type=hp&t ... 18AEZL18AX
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [382 bytů] - [27/07/2016 18:53:32]
C:\AdwCleaner\AdwCleaner[C2].txt - [17798 bytů] - [27/07/2016 18:54:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [20686 bytů] - [24/07/2016 21:38:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [19794 bytů] - [27/07/2016 18:45:06]
C:\AdwCleaner\AdwCleaner[S3].txt - [20906 bytů] - [27/07/2016 18:53:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [18094 bytů] ##########

vanis24 · Příspěvekod **vanis24** » 27 črc 2016 19:13

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Pavel (Administrator) on st 27. 07. 2016 at 19:06:43,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 5

Successfully deleted: C:\Program Files (x86)\MediaWatchV1 (Folder)
Successfully deleted: C:\Program Files (x86)\VideoPlayerV3 (Folder)
Successfully deleted: C:\Users\U§ivatel\Appdata\LocalLow\datamngr (Folder)
Successfully deleted: C:\Users\U§ivatel\AppData\Roaming\Mozilla\Firefox\Profiles\LYYPVL9o.default\extensions\safesearchplus@avira.com\search.xml (File)
Successfully deleted: C:\Program Files (x86)\company (Folder)

Registry: 4

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{96f454ea-9d38-474f-b504-56193e00c1a5} (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 27. 07. 2016 at 19:10:22,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vanis24 · Příspěvekod **vanis24** » 27 črc 2016 21:40

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 27. 7. 2016
Čas skenování: 21:15
Protokol:
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2016.07.27.09
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 440207
Uplynulý čas: 40 min, 56 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jaro3** » 27 črc 2016 22:11

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

prosím o kontrolu, zlobí režim spánku

prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Re: prosím o kontrolu, zlobí režim spánku

Kdo je online