Please check my log


Post by trgilan » 08 Jan 2014 21:34

Hi,
here is the log from HJT. I think the computer isn't in the best shape, and I'd also need to get rid of a hostile verison.dll, which avast keeps blocking every little while..
(I also put it in another post, but I have a bit of a feeling that I may have been forgotten; if not, then sorry.. :)
Thanks


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:55, on 8.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\twunk_32.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll
O2 - BHO: outobox - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files (x86)\outobox\outoboxbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Zula Games - {A9337080-7CBF-4E3E-80C1-3867BEDD88E0} - C:\Program Files (x86)\Zula Games\ScriptHost.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PrivitizeVPN] C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [69D476DE71F21661A2FAA90402D362D1C4985A2B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [crsscmgr] C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: HpM3Util.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update outobox - Unknown owner - C:\Program Files (x86)\outobox\updateoutobox.exe
O23 - Service: Util outobox - Unknown owner - C:\Program Files (x86)\outobox\bin\utiloutobox.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14262 bytes


Post by memphisto » 08 Jan 2014 21:54

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the Save Logfile option and save the log to your desktop
- then click the Exit button; a message will appear, so choose Ano (Yes)
(don't delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.


Post by trgilan » 08 Jan 2014 22:02

Thank you

here is the log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
uzivatel :: PC-03122120001 [administrátor]

8.1.2014 21:59:06
MBAM-log-2014-01-08 (22-02-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 235319
Uplynulý čas: 2 minut, 39 sekund

Nalezené procesy v paměti: 5
C:\Program Files (x86)\outobox\updateoutobox.exe (PUP.Optional.Outobox.A) -> 2304 -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe (Trojan.FakeMS) -> 2756 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\utiloutobox.exe (PUP.Optional.Outobox.A) -> 2720 -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (PUP.Optional.Bitminer) -> 6332 -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (Trojan.Bitminer) -> 6332 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 5
C:\Program Files (x86)\outobox\bin\sqlite3.dll (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libcurl-4.dll (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libgcc_s_dw2-1.dll (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\pthreadGC2.dll (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 55
HKLM\SYSTEM\CurrentControlSet\Services\Update outobox (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\Util outobox (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{30f06672-0e95-41a9-80cb-dee386af99ad} (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{1eb0a0b0-cabb-495c-a85a-7c8f891799c7} (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2} (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F06672-0E95-41A9-80CB-DEE386AF99AD} (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{562B9316-C08A-444A-9482-62080DD851AE} (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{0BDCB0B7-26EE-4B62-B240-1260CD6930E0} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.ScriptHostObject.1 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.ScriptHostObject (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{115D21BE-07D8-44B8-871E-EAFE1C1A6F10} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.Tool.1 (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.Tool (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.ScriptHostObject.1 (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.ScriptHostObject (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F} (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7} (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.BackgroundHostObject.1 (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.BackgroundHostObject (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{4B8AECDD-D9FF-499E-8E9F-F90A9EF1930D} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{E65CE95B-56E9-47C9-8707-A1D1DE30760F} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{25C65308-8937-4D76-BEFB-6AF0A468E75A} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.Navbar.1 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.Navbar (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{11577C71-9E04-4A42-ACC5-9C7F240BF4FE} (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3} (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{2A16BB3D-56EA-472B-A8E8-7BB49ABDB37D} (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5} (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{1B0DA3F5-D96D-483D-8BEF-224BA1B67620} (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.Navbar.1 (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.Navbar (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zula Games (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.BackgroundHostObject (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.BackgroundHostObject.1 (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} (PUP.Optional.WebSearchInfo) -> Nebyla provedena žádná instrukce.
HKCU\Software\outobox (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKLM\Software\outobox (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|crsscmgr (Trojan.FakeMS) -> Data: C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.WebSearchInfo) -> Data: {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Nebyla provedena žádná instrukce.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 18
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\mz (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\zulagames (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\mz (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\plugins (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\OpenCandy\2E257D286BF2412EBD53A1CEE00E6724 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 89
C:\Program Files (x86)\outobox\updateoutobox.exe (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\utiloutobox.exe (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (PUP.Optional.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\outoboxBHO.dll (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\ScriptHost.dll (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\BackgroundHost.exe (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\saviEEnshare a\55z.exe (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HpM3Util.exe (Trojan.Agent.ED) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\updater.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\AddonsFramework.Typelib.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\background.html (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\BackgroundHost64.exe (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\BackgroundHostPS.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\bg.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\ButtonSite.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\ButtonSite64.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\config.xml (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\content.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon128.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon16.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon18.ico (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon18.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon24.ico (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon24.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon32.ico (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon32.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon48.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\jquery-1.9.1.min.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\json2.min.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\uninst.exe (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\uninstall.exe (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\updaterWrapper.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\mz\background.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\mz\content.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\zulagames\zulagames.crx (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\zulagames\icon.ico (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\background.html (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\AddonsFramework.Typelib.dll (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\BackgroundHost.exe (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\BackgroundHost64.exe (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\BackgroundHostPS.dll (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\bg.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\ButtonSite.dll (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\ButtonSite64.dll (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\config.xml (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\content.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon128.png (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon16.png (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon18.ico (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon18.png (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon24.ico (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon24.png (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon32.ico (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon32.png (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\icon48.png (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\jquery-1.9.1.min.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\json2.min.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\uninstall.exe (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\updater.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\updaterWrapper.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\zulagames.rdf (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\mz\background.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Zula Games\mz\content.js (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\outobox.ico (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\fjpdnoojnohifgekbkmnfbiobhcbedka.crx (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\outoboxUninstall.exe (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\sqlite3.exe (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\updateoutobox.InstallState (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\sqlite3.dll (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\utiloutobox.InstallState (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\plugins\outobox.FFUpdate.dll (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\plugins\outobox.GCUpdate.dll (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\outobox\bin\plugins\outobox.IEUpdate.dll (PUP.Optional.Outobox.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libcurl-4.dll (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libgcc_s_dw2-1.dll (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\pthreadGC2.dll (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (Trojan.Bitminer) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\OpenCandy\2E257D286BF2412EBD53A1CEE00E6724\PCSU_SL_3.1.2.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: requesting a log check

Post by trgilan » 08 Jan 2014 22:10

And here's adw :)

# AdwCleaner v3.016 - Report created 08/01/2014 at 22:08:37
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : uzivatel - PC-03122120001
# Running from : C:\Users\uzivatel\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : Update outobox
Service Found : Util outobox

***** [ Files / Folders ] *****

File Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\Extensions\firefox@outobox.net.xpi
File Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\firefox@outobox.net.xpi
File Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
File Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ifz4sq7c.default\Extensions\firefox@outobox.net.xpi
File Found : C:\Users\uzivatel\AppData\Roaming\speedanalysis.ico
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\BrowserProtect
File Found : C:\Windows\System32\Tasks\Dealply
File Found : C:\Windows\System32\Tasks\DealPlyUpdate
File Found : C:\Windows\System32\Tasks\EPUpdater
File Found : C:\Windows\System32\Tasks\Funmoods
Folder Found : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Folder Found : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ifz4sq7c.default\Extensions\{DA701B1C-8869-97F6-ED02-63BEB676EF21}
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\outobox
Folder Found C:\Program Files (x86)\SimpleSpeedy
Folder Found C:\Program Files (x86)\Speed Analysis 2
Folder Found C:\ProgramData\IBUpdaterService
Folder Found C:\ProgramData\saviEEnshare a
Folder Found C:\ProgramData\StarApp
Folder Found C:\Users\uzivatel\AppData\Local\Mobogenie
Folder Found C:\Users\uzivatel\AppData\Local\Temp\OCS
Folder Found C:\Users\uzivatel\AppData\Roaming\file scout
Folder Found C:\Users\uzivatel\AppData\Roaming\NCdownloader
Folder Found C:\Users\uzivatel\AppData\Roaming\OpenCandy
Folder Found C:\Users\uzivatel\AppData\Roaming\PerformerSoft
Folder Found C:\Users\uzivatel\AppData\Roaming\SpeedAnalysis2
Folder Found C:\Users\uzivatel\AppData\Roaming\zulagames
Folder Found C:\Users\uzivatel\Documents\Mobogenie

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Key Found : HKCU\Software\OCS
Key Found : HKCU\Software\outobox
Key Found : HKCU\Software\PrivitizeVPNInstallDates
Key Found : [x64] HKCU\Software\filescout
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : [x64] HKCU\Software\OCS
Key Found : [x64] HKCU\Software\outobox
Key Found : [x64] HKCU\Software\PrivitizeVPNInstallDates
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Found : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Key Found : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1EB0A0B0-CABB-495C-A85A-7C8F891799C7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject
Key Found : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject.1
Key Found : HKLM\SOFTWARE\Classes\Zula Games.Navbar
Key Found : HKLM\SOFTWARE\Classes\Zula Games.Navbar.1
Key Found : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject
Key Found : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject.1
Key Found : HKLM\SOFTWARE\Classes\Zula Games.Tool
Key Found : HKLM\SOFTWARE\Classes\Zula Games.Tool.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_11-inspirat-gom-player-skin_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_11-inspirat-gom-player-skin_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cyberlink-powerdirector-11_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cyberlink-powerdirector-11_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vdownloader_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vdownloader_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_ccfde35c
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
Key Found : HKLM\Software\outobox
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\outobox
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

Line Found : user_pref("browser.startup.homepage", "hxxp://websearch.searchmainia.info/?unqvl=15");
Line Found : user_pref("browser.search.order.1", "WebSearch");
Line Found : user_pref("browser.search.defaultenginename", "WebSearch");
Line Found : user_pref("browser.search.selectedEngine", "WebSearch");
Line Found : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Line Found : user_pref("browser.search.order.1,S", "WebSearch");
Line Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Found : user_pref("keyword.URL", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");

[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ifz4sq7c.default\prefs.js ]


[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14652 octets] - [08/01/2014 22:08:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14713 octets] ##########

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: requesting a log check

Post by jaro3 » 08 Jan 2014 22:27

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Vymazat-Clean".
The program will carry out the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt), paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved on the desktop.
Please copy its entire contents here.

Then run MbAM again and choose Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit
You can then paste the new MbAM log here.

Download RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that you have ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: requesting a log check

Post by trgilan » 08 Jan 2014 22:35

Yep, thanks a lot. Here's the new log from adw:
# AdwCleaner v3.016 - Report created 08/01/2014 at 22:32:25
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : uzivatel - PC-03122120001
# Running from : C:\Users\uzivatel\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update outobox
[#] Service Deleted : Util outobox

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\saviEEnshare a
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\outobox
Folder Deleted : C:\Program Files (x86)\SimpleSpeedy
Folder Deleted : C:\Program Files (x86)\Speed Analysis 2
Folder Deleted : C:\Users\uzivatel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\uzivatel\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\file scout
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\SpeedAnalysis2
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\zulagames
Folder Deleted : C:\Users\uzivatel\Documents\Mobogenie
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ifz4sq7c.default\Extensions\{DA701B1C-8869-97F6-ED02-63BEB676EF21}
Folder Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Folder Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\firefox@outobox.net.xpi
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ifz4sq7c.default\Extensions\firefox@outobox.net.xpi
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\Extensions\firefox@outobox.net.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\uzivatel\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
File Deleted : C:\Windows\System32\Tasks\Dealply
File Deleted : C:\Windows\System32\Tasks\DealPlyUpdate
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\System32\Tasks\Funmoods

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_ccfde35c
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_11-inspirat-gom-player-skin_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_11-inspirat-gom-player-skin_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cyberlink-powerdirector-11_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cyberlink-powerdirector-11_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vdownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vdownloader_RASMANCS
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\outobox
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\outobox
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\outobox

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.searchmainia.info/?unqvl=15");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");

[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ifz4sq7c.default\prefs.js ]


[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14906 octets] - [08/01/2014 22:08:37]
AdwCleaner[R1].txt - [14967 octets] - [08/01/2014 22:31:56]
AdwCleaner[S0].txt - [14647 octets] - [08/01/2014 22:32:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14708 octets] ##########

Re: please check my log

Post by trgilan » 08 Jan 2014 22:48

jrt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by uzivatel on st 08.01.2014 at 22:38:47,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4084914174-4283723987-2504092428-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MaskMyIP_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MaskMyIP_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MaskMyIP_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MaskMyIP_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"
Successfully deleted: [Folder] "C:\Program Files (x86)\zula games"



~~~ FireFox

Emptied folder: C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\ifz4sq7c.default\minidumps [20 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 08.01.2014 at 22:44:18,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: please check my log

Post by trgilan » 08 Jan 2014 22:55

and also MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
uzivatel :: PC-03122120001 [administrátor]

8.1.2014 22:49:08
mbam-log-2014-01-08 (22-49-08).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 235037
Uplynulý čas: 3 minut, 10 sekund

Nalezené procesy v paměti: 3
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe (Trojan.FakeMS) -> 3216 -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (PUP.Optional.Bitminer) -> 5972 -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (Trojan.Bitminer) -> 5972 -> Bude smazán při restartu.

Nalezené moduly v paměti: 3
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libcurl-4.dll (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libgcc_s_dw2-1.dll (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\pthreadGC2.dll (Trojan.Bitminer) -> Bude smazán při restartu.

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|crsscmgr (Trojan.FakeMS) -> Data: C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 5
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uzivatel\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uzivatel\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 11
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\crssc.exe (Trojan.FakeMS) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (PUP.Optional.Bitminer) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HpM3Util.exe (Trojan.Agent.ED) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libcurl-4.dll (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\libgcc_s_dw2-1.dll (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\pthreadGC2.dll (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Users\uzivatel\AppData\Roaming\Adobe\crsscmgr\service.exe (Trojan.Bitminer) -> Bude smazán při restartu.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uzivatel\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

(konec)

Re: please check my log

Post by trgilan » 08 Jan 2014 23:04

oh, and here is the one from Rogue

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Kontrola -- Datum : 01/08/2014 23:02:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll [x] -> ODEBRÁNO
[SUSP PATH][DLL] explorer.exe -- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll [x] -> ODEBRÁNO

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST2000DM001-9YN164 ATA Device +++++
--- User ---
[MBR] 52fec1a060f49405621cd94be687d2f6
[BSP] dfd46f8ea1f394ed889e6534d1fcd1e8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 799899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1638400000 | Size: 1107728 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01082014_230204.txt >>

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: please check my log

Post by jaro3 » 09 Jan 2014 09:59

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

@echo off
rem Delete the current hosts file (quiet, any attributes, force read-only)
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
rem Recreate it with only the default localhost entry
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit

Choose File -> Save As... and set these parameters:
File name: type here: FixHosts.bat
Save as type: choose All Files there
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deletion finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: please check my log

Post by trgilan » 09 Jan 2014 19:56

OK, so here I am posting the latest report

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Odebrat -- Datum : 01/09/2014 19:53:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll [x] -> ODEBRÁNO
[SUSP PATH][DLL] explorer.exe -- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll [x] -> ODEBRÁNO

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST2000DM001-9YN164 ATA Device +++++
--- User ---
[MBR] 52fec1a060f49405621cd94be687d2f6
[BSP] dfd46f8ea1f394ed889e6534d1fcd1e8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 799899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1638400000 | Size: 1107728 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01092014_195359.txt >>
RKreport[0]_S_01082014_230204.txt;RKreport[0]_S_01092014_195315.txt

Re: please check my log

Post by jaro3 » 10 Jan 2014 10:15

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

@echo off
rem Delete the current hosts file (quiet, any attributes, force read-only)
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
rem Recreate it with only the default localhost entry
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit

Choose File -> Save As... and set these parameters:
File name: type here: FixHosts.bat
Save as type: choose All Files there
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.


Did you do it?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
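
FixHosts.bat in the posts above replaces the hosts file outright. As an added example that is not part of the thread or of any tool named in it, this Python script audits a hosts file before such a reset, separating entries that only block a name locally from entries that send a name to another address. The sample content, the `SECURITY_SUFFIXES` watch list and all function names are assumptions made for the example.

```python
import ipaddress

# Constructed sample hosts content (not taken from the logs in this thread).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1 localhost
::1 localhost
127.0.0.1 ads.example.test tracker.example.test  # blocklist-style entry
0.0.0.0 www.malwarebytes.org
203.0.113.7 www.bank.example
[...]
"""

# Assumption: a small watch list of security-vendor domains; extend as needed.
SECURITY_SUFFIXES = ("malwarebytes.org", "avast.com")
DEFAULT_NAMES = {"localhost"}


def parse_hosts(text):
    """Yield (address, names) per mapping line; skip comments and junk."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, "[...]" marker, or address without a name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address, so this is not a mapping
        yield addr, [name.lower() for name in fields[1:]]


def is_security_name(name):
    """True if the name is a watched domain or a subdomain of one."""
    return any(name == s or name.endswith("." + s) for s in SECURITY_SUFFIXES)


def classify(text):
    """Sort every mapped name into one of four categories."""
    report = {"default": [], "sinkholed": [], "blocked_security": [], "redirected": []}
    for addr, names in parse_hosts(text):
        # 127.0.0.0/8, ::1 and 0.0.0.0 keep traffic on the local machine.
        local = addr.is_loopback or addr.is_unspecified
        for name in names:
            if not local:
                report["redirected"].append((name, str(addr)))
            elif name in DEFAULT_NAMES:
                report["default"].append(name)
            elif is_security_name(name):
                report["blocked_security"].append(name)
            else:
                report["sinkholed"].append(name)
    return report


def needs_review(report):
    """True when an entry does more than block an ordinary name locally."""
    return bool(report["redirected"] or report["blocked_security"])


if __name__ == "__main__":
    result = classify(SAMPLE_HOSTS)
    for category, entries in result.items():
        print(f"{category}: {entries}")
    print("review before reset:", needs_review(result))
```

Names in `sinkholed` are only blocked locally, which is how blocklist-style hosts files work; `redirected` and `blocked_security` are the entries worth recording before the file is replaced.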

