
Module using Skype

Posted: 12 Feb 2015 09:03
by romanisko
Hello,
when I was waking the computer up, it suddenly behaved strangely: just a black screen on which only the cursor worked. When I hard-restarted the computer, the program "rlvknlg.exe" requested access to Skype when Skype started. Subjectively, the computer is noisier. Next to the clock I have a new icon, "RelevantKnowledge"; clicking it opens the page "my.RelevantKnowledge.com".

I have Windows 8.1, and ComboFix tells me that it does not support Windows 2000. The RSIT log did not fit, so I am attaching it together with the FRST log.

Re: Module using Skype

Posted: 12 Feb 2015 09:18
by Márty84
Hello :)

:arrow: Free up some space on the disk, the system is choking.

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (or it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Module using Skype

Posted: 12 Feb 2015 10:33
by romanisko
Before you managed to reply, I had already run MBAM and had it put everything into quarantine :oops: Then I restarted the PC, ran AdwCleaner and also had everything removed. I am attaching the logs.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12.2.2015
Scan Time: 9:12:23
Logfile: mallwarebytes anti-malware.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.12.02
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Palko

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346501
Time Elapsed: 10 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlservice.exe, 2504, , [94fe56c73d4da88e9358a729c0457d83]
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe, 8220, , [1b77879656349c9aad3ed000a06541bf]
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe, 8992, , [0e84f726800a3cfae80319b7d03512ee]

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RelevantKnowledge, , [94fe56c73d4da88e9358a729c0457d83],
PUP.Optional.RelevantKnowledge, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{d08d9f98-1c78-4704-87e6-368b0023d831}, , [1b77879656349c9aad3ed000a06541bf],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.MarketScore, C:\Program Files (x86)\RelevantKnowledge, , [811146d74c3ef2446fc0a2a647bc857b],
PUP.Optional.MarketScore, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge, , [8f030f0e4545a393fc5584c705feef11],

Files: 16
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlservice.exe, , [94fe56c73d4da88e9358a729c0457d83],
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe, , [1b77879656349c9aad3ed000a06541bf],
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe, , [0e84f726800a3cfae80319b7d03512ee],
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe, , [652d30edcfbb95a1bc2f4a86df26da26],
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlls.dll, , [d7bb3fdefe8c221485660ac6768f669a],
PUP.Optional.RelevantKnowledge, C:\Program Files (x86)\RelevantKnowledge\rlls64.dll, , [efa340dd494176c064879b353dc84eb2],
PUP.Optional.RelevantKnowledge, C:\Windows\System32\rlls64.dll, , [0f838598b7d303333dae7c54b74e40c0],
PUP.Optional.RelevantKnowledge, C:\Windows\SysWOW64\rlls.dll, , [751d5fbe94f67fb7e605e8e8d92c22de],
PUP.Optional.RelevantKnowledge, C:\Users\Palko\AppData\Local\Temp\CSMB12A.tmp, , [fa983ce1bad0cb6b948917aed82db54b],
PUP.Optional.AZLyrics.A, C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage, , [177b0518a8e293a3eabb75202cd737c9],
PUP.Optional.AZLyrics.A, C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal, , [860cd449d8b24bebe4c174219271f010],
Trojan.Agent, C:\Windows\SysWOW64\rlls.dll, , [aee4d14c90fa3303bc29101623e1718f],
PUP.Optional.MarketScore, C:\Program Files (x86)\RelevantKnowledge\ncncf.dat, , [811146d74c3ef2446fc0a2a647bc857b],
PUP.Optional.MarketScore, C:\Program Files (x86)\RelevantKnowledge\readme.txt, , [811146d74c3ef2446fc0a2a647bc857b],
PUP.Optional.MarketScore, C:\Program Files (x86)\RelevantKnowledge\rloci.bin, , [811146d74c3ef2446fc0a2a647bc857b],
PUP.Optional.MarketScore, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\RelevantKnowledge.lnk, , [8f030f0e4545a393fc5584c705feef11],

Physical Sectors: 0
(No malicious items detected)


(end)



# AdwCleaner v4.110 - Logfile created 12/02/2015 at 09:56:36
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Palko - PALKO-840
# Running from : C:\Users\Palko\Downloads\adwcleaner_4.110.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
Folder Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc
Folder Found : C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Folder Found : C:\Users\Palko\AppData\Local\PackageAware
Folder Found : C:\Users\Palko\AppData\Roaming\pdfforge

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.1.1 (x86 sk)


-\\ Google Chrome v40.0.2214.111

[C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxps://software.ecmwf.int/wiki/dosearchsite.action?queryString={searchTerms}
[C:\Users\Palko\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

-\\ Opera v27.0.1689.69

*************************

AdwCleaner[R0].txt - [2921 bytes] - [12/02/2015 09:39:26]
AdwCleaner[R1].txt - [3022 bytes] - [12/02/2015 09:56:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [3081 bytes] ##########

Re: Module using Skype

Posted: 12 Feb 2015 20:23
by Márty84
OK. But the MBAM scan was not set up the way I wanted. This was only a Threat Scan. I would like a Custom Scan, ideally of all disks.
So run it once more so that it scans the whole computer. I will choose the next steps based on the scan results :)



29.3. due to inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975