# AdwCleaner v5.102 - Logfile created 17/03/2016 at 17:32:02
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows 10 Enterprise (x64)
# Username : Kuba - KUBA-PC
# Running from : D:\Stažené soubory\adwcleaner_5.102.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles
Folder Found : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl
Folder Found : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Folder Found : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
Folder Found : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi
Folder Found : C:\Users\Kuba\AppData\Roaming\SpringFiles
***** [ Files ] *****
***** [ DLL ] *****
***** [ Shortcuts ] *****
Shortcut Infected : C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk ( "hxxp://esurf.biz/?ssid=1452526689&a=1004983&src=sh&uuid=2440e86d-cc85-4fc7-ad72-48efdb87df8c" )
Shortcut Infected : C:\Users\Kuba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://esurf.biz/?ssid=1452526689&a=1004983&src=sh&uuid=2440e86d-cc85-4fc7-ad72-48efdb87df8c" )
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\0b16c3710bc1b77322ade8ae6a31b4e7
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://houmpage.com/?src=hp&ssid=145252 ... a750274a87
Data Found : HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://houmpage.com/?src=hp&ssid=145252 ... a750274a87
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf34d395-9ff1-49a0-98a5-8db1636431b1}
Key Found : HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\Software\Microsoft\Internet Explorer\SearchScopes\{cf34d395-9ff1-49a0-98a5-8db1636431b1}
***** [ Web browsers ] *****
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : autodesk-homestyler.en.softonic.com
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : norton-partition-magic.nl.softonic.com
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : webcamxp.en.softonic.com
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : feed.snapdo.com
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : windows-10.en.softonic.com
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : javaexe.en.softonic.com
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ablgnpngfaaficpckehadaljnjgjkhbi
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : mppnoffgpafgpgbaigljliadgbnhljfl
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : nafaimnnclfjfedmmabolbppcngeolgf
[C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : papbadoldddalgcjcicnikcfenodpghp
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [3102 bytes] - [17/03/2016 17:30:54]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [3758 bytes] - [17/03/2016 17:32:02]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [3851 bytes] ##########
PC dropy Vyřešeno
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17.3.2016
Čas skenování: 17:35
Protokol: Malware bite.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.03.17.04
Databáze rootkitů: v2016.03.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Kuba
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 377991
Uplynulý čas: 2 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 1
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF34D395-9FF1-49A0-98A5-8DB1636431B1}, , [29af523644553bfb55526913fc0858a8],
Hodnoty registru: 3
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CONTROLSET001\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://unstopp.me/wpad.dat?82c0d5b20f6aa50467b3126da192e2174126755, , [2dab790f950448eea88be1aa54b01be5]
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{cf34d395-9ff1-49a0-98a5-8db1636431b1}|URL, http://houmpage.com/search/?src=ds&q={searchTerms}&ssid=1452526170&a=1041104&uuid=e9d6b434-5589-4356-8fe5-2ea750274a87, , [29af523644553bfb55526913fc0858a8]
Hijack.AutoConfigURL.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstopp.me/wpad.dat?82c0d5b20f6a ... 2174126755, , [2fa961279ffab77f67f97dfddd2703fd]
Data registru: 1
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://houmpage.com/?src=hp&ssid=145252 ... a750274a87, Dobré: (www.google.com), Špatné: (http://houmpage.com/?src=hp&ssid=145252 ... a750274a87),,[894fc0c82b6ea2940fd34bd2858032ce]
Složky: 26
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\config, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\common, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\partner, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\_metadata, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.SpringFiles, C:\Users\Kuba\AppData\Roaming\SpringFiles, , [fcdca5e3cdcc7eb8e012a56be023a060],
PUP.Optional.SpringFiles, C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles, , [3d9bdfa958411b1b74e4ed2ab3507b85],
Soubory: 33
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\backg.js, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\manifest.json, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\script.js, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-128.png, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-16.png, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-48.png, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo\pinkio.js, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata\verified_contents.json, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\manifest.json, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\aes.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js.bak, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\mode-ecb.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\utils.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config\build.json, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\newtab-hp.html, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js\newtab-hp.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common\redirect.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\background.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\Reporting.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata\verified_contents.json, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\manifest.json, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\aes.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\config.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\config.js.bak, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\mode-ecb.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\utils.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\config\build.json, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\common\redirect.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\partner\background.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\partner\Reporting.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\_metadata\verified_contents.json, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.SpringFiles, C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles\SpringFiles.lnk, , [3d9bdfa958411b1b74e4ed2ab3507b85],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 17.3.2016
Čas skenování: 17:35
Protokol: Malware bite.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.03.17.04
Databáze rootkitů: v2016.03.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Kuba
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 377991
Uplynulý čas: 2 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 1
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF34D395-9FF1-49A0-98A5-8DB1636431B1}, , [29af523644553bfb55526913fc0858a8],
Hodnoty registru: 3
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CONTROLSET001\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://unstopp.me/wpad.dat?82c0d5b20f6aa50467b3126da192e2174126755, , [2dab790f950448eea88be1aa54b01be5]
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{cf34d395-9ff1-49a0-98a5-8db1636431b1}|URL, http://houmpage.com/search/?src=ds&q={searchTerms}&ssid=1452526170&a=1041104&uuid=e9d6b434-5589-4356-8fe5-2ea750274a87, , [29af523644553bfb55526913fc0858a8]
Hijack.AutoConfigURL.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstopp.me/wpad.dat?82c0d5b20f6a ... 2174126755, , [2fa961279ffab77f67f97dfddd2703fd]
Data registru: 1
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-3313306934-2274467357-1670545691-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://houmpage.com/?src=hp&ssid=145252 ... a750274a87, Dobré: (www.google.com), Špatné: (http://houmpage.com/?src=hp&ssid=145252 ... a750274a87),,[894fc0c82b6ea2940fd34bd2858032ce]
Složky: 26
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\config, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\common, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\partner, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\_metadata, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.SpringFiles, C:\Users\Kuba\AppData\Roaming\SpringFiles, , [fcdca5e3cdcc7eb8e012a56be023a060],
PUP.Optional.SpringFiles, C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles, , [3d9bdfa958411b1b74e4ed2ab3507b85],
Soubory: 33
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\backg.js, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\manifest.json, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\script.js, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-128.png, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-16.png, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-48.png, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo\pinkio.js, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata\verified_contents.json, , [1fb9bace7227d066b7acd3184bb716ea],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\manifest.json, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\aes.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js.bak, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\mode-ecb.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\utils.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config\build.json, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\newtab-hp.html, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js\newtab-hp.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common\redirect.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\background.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\Reporting.js, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata\verified_contents.json, , [7266f395c7d2fc3a1d032ad1bb47d32d],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\manifest.json, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\aes.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\config.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\config.js.bak, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\mode-ecb.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\common\utils.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\config\build.json, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\common\redirect.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\partner\background.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\settings\partner\Reporting.js, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl\1.1_0\_metadata\verified_contents.json, , [aa2edcac8316a78f4df65eb2b15242be],
PUP.Optional.SpringFiles, C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles\SpringFiles.lnk, , [3d9bdfa958411b1b74e4ed2ab3507b85],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
Hotovo :))
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
A dál ?
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
Nechci nic říkat ale vypadá to na vir protože se mi to děje i ve windowsech stáhl jsem si asi 2 antiviry tak to pořádně pročistím :(( dyštak zkusím reinstal windows
-
WinDroid
- Level 6.5
- Příspěvky: 3771
- Registrován: srpen 14
- Bydliště: Plzeň
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: PC dropy
Nic nedělej, čekej na ty co pomáhají v těchhle tématech.. Nejsou tu nonstop a nikdo je za to neplatí..
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
dobře počkám :))
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: PC dropy
Jak píše WinDroid, tím, že tady budeš spamovat to neurychlíš 
Jsme jen lidé a máme vlastní problémy, práci nebo školu, rodinu, povinnosti doma ... a nemůžeme tu být pořád.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.
Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Jsme jen lidé a máme vlastní problémy, práci nebo školu, rodinu, povinnosti doma ... a nemůžeme tu být pořád.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.
Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
# AdwCleaner v5.102 - Logfile created 18/03/2016 at 17:32:49
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows 10 Enterprise (x64)
# Username : Kuba - KUBA-PC
# Running from : D:\Stažené soubory\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\0b16c3710bc1b77322ade8ae6a31b4e7
***** [ Web browsers ] *****
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ablgnpngfaaficpckehadaljnjgjkhbi
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mppnoffgpafgpgbaigljliadgbnhljfl
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : papbadoldddalgcjcicnikcfenodpghp
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1439 bytes] - [18/03/2016 17:32:49]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [3102 bytes] - [17/03/2016 17:30:54]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [3950 bytes] - [17/03/2016 17:32:02]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S3].txt - [1692 bytes] - [18/03/2016 17:32:01]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1811 bytes] ##########
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows 10 Enterprise (x64)
# Username : Kuba - KUBA-PC
# Running from : D:\Stažené soubory\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\0b16c3710bc1b77322ade8ae6a31b4e7
***** [ Web browsers ] *****
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ablgnpngfaaficpckehadaljnjgjkhbi
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mppnoffgpafgpgbaigljliadgbnhljfl
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf
[-] [C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : papbadoldddalgcjcicnikcfenodpghp
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1439 bytes] - [18/03/2016 17:32:49]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [3102 bytes] - [17/03/2016 17:30:54]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [3950 bytes] - [17/03/2016 17:32:02]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S3].txt - [1692 bytes] - [18/03/2016 17:32:01]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1811 bytes] ##########
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
2)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 18.3.2016
Čas skenování: 17:37
Protokol: PC dropy.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.03.18.04
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Kuba
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 378649
Uplynulý čas: 2 min, 36 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 16
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata, , [82baa8e11e7bee487cc126d620e2d729],
Soubory: 24
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage, , [b7857e0bd1c833030e3adf66ee16e51b],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal, , [e755f792a6f365d1cd7b341159ab51af],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\backg.js, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\manifest.json, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\script.js, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-128.png, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-16.png, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-48.png, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo\pinkio.js, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata\verified_contents.json, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\manifest.json, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\aes.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js.bak, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\mode-ecb.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\utils.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config\build.json, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\newtab-hp.html, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js\newtab-hp.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common\redirect.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\background.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\Reporting.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata\computed_hashes.json, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata\verified_contents.json, , [82baa8e11e7bee487cc126d620e2d729],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 18.3.2016
Čas skenování: 17:37
Protokol: PC dropy.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.03.18.04
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Kuba
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 378649
Uplynulý čas: 2 min, 36 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 16
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata, , [82baa8e11e7bee487cc126d620e2d729],
Soubory: 24
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage, , [b7857e0bd1c833030e3adf66ee16e51b],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal, , [e755f792a6f365d1cd7b341159ab51af],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\backg.js, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\manifest.json, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\script.js, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-128.png, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-16.png, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\dumbs\icon-48.png, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\resources\foo\pinkio.js, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.CinemaPlus, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\0.1_0\_metadata\verified_contents.json, , [df5dddac61383501ff816f7d3bc7629e],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\manifest.json, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\aes.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\config.js.bak, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\mode-ecb.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\common\utils.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\config\build.json, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\newtab-hp.html, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\newtab\js\newtab-hp.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\common\redirect.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\background.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\settings\partner\Reporting.js, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata\computed_hashes.json, , [82baa8e11e7bee487cc126d620e2d729],
PUP.Optional.Ilivid, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf\1.1_0\_metadata\verified_contents.json, , [82baa8e11e7bee487cc126d620e2d729],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
3)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Enterprise x64
Ran by Kuba (Administrator) on p 18.03.2016 at 17:44:55,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Deleted the following from C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\a02slw7r.default\prefs.js
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\Kuba\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a02slw7r.default\
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 18.03.2016 at 17:45:50,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Enterprise x64
Ran by Kuba (Administrator) on p 18.03.2016 at 17:44:55,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Deleted the following from C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\a02slw7r.default\prefs.js
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\Kuba\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a02slw7r.default\
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 18.03.2016 at 17:45:50,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Kuba jiřík
- nováček
- Příspěvky: 47
- Registrován: březen 16
- Pohlaví:
- Stav:
Offline
Re: PC dropy
4)
RogueKiller V12.0.2.0 (x64) [Mar 14 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : Kuba [Práva správce]
Started from : D:\Sta?ené soubory\RogueKillerX64.exe
Mód : Smazat -- Datum : 03/18/2016 17:54:23
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Smazáno
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Smazáno
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Smazáno
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GPUZ (\??\C:\Users\Kuba\AppData\Local\Temp\GPUZ.sys) -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GPUZ (\??\C:\Users\Kuba\AppData\Local\Temp\GPUZ.sys) -> Smazáno
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Smazáno
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> ERROR [2]
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{04c254f7-985b-4381-baf6-fbf35b55fccc} | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{04c254f7-985b-4381-baf6-fbf35b55fccc} | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 1 ¤¤¤
[PUP][Soubor] C:\Windows\SECOH-QAD.exe -> Smazáno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SHFS37A120G SCSI Disk Device +++++
--- User ---
[MBR] 04945583f7015bef5074dce658850c01
[BSP] 7278cdd6f61a64db01de362db11f16bd : Unknown|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 113921 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 233519104 | Size: 449 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: WDC WD5000AZRX-00A8LB0 +++++
--- User ---
[MBR] 5c7a9bcad643d45d4f8a4bcf58a407d7
[BSP] e5fba81765050877720b0b1594774104 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
RogueKiller V12.0.2.0 (x64) [Mar 14 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : Kuba [Práva správce]
Started from : D:\Sta?ené soubory\RogueKillerX64.exe
Mód : Smazat -- Datum : 03/18/2016 17:54:23
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Smazáno
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Smazáno
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Smazáno
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GPUZ (\??\C:\Users\Kuba\AppData\Local\Temp\GPUZ.sys) -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GPUZ (\??\C:\Users\Kuba\AppData\Local\Temp\GPUZ.sys) -> Smazáno
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Smazáno
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> ERROR [2]
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{04c254f7-985b-4381-baf6-fbf35b55fccc} | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{04c254f7-985b-4381-baf6-fbf35b55fccc} | DhcpNameServer : 10.0.0.1 ([X]) -> Nahrazeno ()
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 1 ¤¤¤
[PUP][Soubor] C:\Windows\SECOH-QAD.exe -> Smazáno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SHFS37A120G SCSI Disk Device +++++
--- User ---
[MBR] 04945583f7015bef5074dce658850c01
[BSP] 7278cdd6f61a64db01de362db11f16bd : Unknown|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 113921 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 233519104 | Size: 449 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: WDC WD5000AZRX-00A8LB0 +++++
--- User ---
[MBR] 5c7a9bcad643d45d4f8a4bcf58a407d7
[BSP] e5fba81765050877720b0b1594774104 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
Kdo je online
Uživatelé prohlížející si toto fórum: Google Adsense [Bot] a 100 hostů