PC-HELP.CZ

České diskuzní fórum o počítačích
https://pc-help.cnews.cz/

Adware v prohlížečích - logy

https://pc-help.cnews.cz/viewtopic.php?f=70&t=126465

Stránka 1 z 1

Adware v prohlížečích - logy

Napsal: 07 úno 2014 16:00
od Fidik
Prosím o kontrolu, viz http://www.pc-help.cz/viewtopic.php?f=47&t=126211

hijack

Kód: Vybrat vše

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:17:40, on 6. 2. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Users\Filip\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Stardock\TrayServer.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Users\Filip\Desktop\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388701075&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388701075&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0035574 - {11111111-1111-1111-1111-110311551174} - C:\Program Files (x86)\FTdownloader V4.0\FTdownloader V4.0-bho.dll
O2 - BHO: CrossriderApp0048559 - {11111111-1111-1111-1111-110411851159} - C:\Program Files (x86)\Apps Hat\Apps Hat-bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files (x86)\Common Files\Stardock\TrayServer.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Filip\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 13 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
O23 - Service: CyberLink PowerDVD 13 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files (x86)\rnamfler\naofsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\WINDOWS\unsignedthemes.exe
O23 - Service: Update BrowseFox - Unknown owner - C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe (file missing)
O23 - Service: Util BrowseFox - Unknown owner - C:\Program Files (x86)\BrowseFox\bin\utilBrowseFox.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 14513 bytes


adwcleaner

Kód: Vybrat vše

# AdwCleaner v3.018 - Report created 06/02/2014 at 18:51:43
# Updated 28/01/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Filip - PLUH
# Running from : C:\Users\Filip\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : Update BrowseFox

***** [ Files / Folders ] *****

File Found : C:\WINDOWS\System32\roboot64.exe
File Found : C:\WINDOWS\System32\Tasks\Apps Hat-codedownloader
File Found : C:\WINDOWS\System32\Tasks\Apps Hat-enabler
File Found : C:\WINDOWS\System32\Tasks\Apps Hat-firefoxinstaller
File Found : C:\WINDOWS\System32\Tasks\Apps Hat-chromeinstaller
File Found : C:\WINDOWS\System32\Tasks\Apps Hat-updater
File Found : C:\WINDOWS\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\WINDOWS\System32\Tasks\FTdownloader V4.0-codedownloader
File Found : C:\WINDOWS\System32\Tasks\FTdownloader V4.0-codedownloader
File Found : C:\WINDOWS\System32\Tasks\FTdownloader V4.0-enabler
File Found : C:\WINDOWS\System32\Tasks\FTdownloader V4.0-enabler
File Found : C:\WINDOWS\System32\Tasks\FTdownloader V4.0-updater
File Found : C:\WINDOWS\System32\Tasks\FTdownloader V4.0-updater
File Found : C:\WINDOWS\Tasks\Apps Hat-codedownloader.job
File Found : C:\WINDOWS\Tasks\Apps Hat-enabler.job
File Found : C:\WINDOWS\Tasks\Apps Hat-firefoxinstaller.job
File Found : C:\WINDOWS\Tasks\Apps Hat-chromeinstaller.job
File Found : C:\WINDOWS\Tasks\Apps Hat-updater.job
File Found : C:\WINDOWS\Tasks\FTdownloader V4.0-codedownloader.job
File Found : C:\WINDOWS\Tasks\FTdownloader V4.0-codedownloader.job
File Found : C:\WINDOWS\Tasks\FTdownloader V4.0-enabler.job
File Found : C:\WINDOWS\Tasks\FTdownloader V4.0-enabler.job
File Found : C:\WINDOWS\Tasks\FTdownloader V4.0-updater.job
File Found : C:\WINDOWS\Tasks\FTdownloader V4.0-updater.job
Folder Found : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbffpbffjfiigoledmkcibcbadpbenec
Folder Found : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\yvwkgjjx.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
Folder Found C:\Program Files (x86)\Apps Hat
Folder Found C:\Program Files (x86)\FTdownloader V4.0
Folder Found C:\Program Files (x86)\FTdownloader V4.0
Folder Found C:\ProgramData\RegClean
Folder Found C:\Users\Filip\AppData\Local\cool_mirage
Folder Found C:\Users\Filip\AppData\LocalLow\Apps Hat
Folder Found C:\Users\Filip\AppData\Roaming\eUpdate
Folder Found C:\Users\Filip\AppData\Roaming\Systweak
Folder Found C:\Users\irnis live\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Filip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&ts=1378330834 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1388686569&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX
Key Found : HKCU\Software\5e53dd88e235ea12
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Apps Hat
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\FTdownloader V4.0
Key Found : HKCU\Software\AppDataLow\Software\FTdownloader V4.0
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\BrowseFox
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\CToolbar
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551174}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411851159}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BrowseFox
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\CToolbar
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\5e53dd88e235ea12
Key Found : HKLM\Software\Apps Hat
Key Found : HKLM\Software\BrowseFox
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551174}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411851159}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0035574.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0035574.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0035574.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0035574.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555574}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556674}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554474}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\CToolbar
Key Found : HKLM\Software\delta-homesSoftware
Key Found : HKLM\Software\FTdownloader V4.0
Key Found : HKLM\Software\FTdownloader V4.0
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{105CE2F6-6C71-4553-95DB-0521A2C0F060}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AC48E96-EB40-4792-9D9D-70D59D8754BA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5935E203-F846-461D-89DF-435059EFCBB8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6419A700-23B8-46EA-800B-C0EA78E133A2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BC852D3-9D70-4611-9AFC-016840417A4C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551174}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411851159}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555574}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556674}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1388701075&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1388701075&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1388701075&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1388701075&from=wpm0102&uid=HitachiXHTS547550A9E384_120611J2300050F5DGMBX&q={searchTerms}

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\yvwkgjjx.default\prefs.js ]

Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationThankYouPage", false);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationTime", 1390913861);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.active", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbar", "NA");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbarenhanced", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb.was_copied", "true");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb.was_copied", "true");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.backgroundver", 16);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.certdomaininstaller", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.changeprevious", false);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.value", "%221390913861%22");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000820%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.description", "Apps Hat is the cool new Android app store that helps you discover hot new apps, bo[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.domain", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.enablesearch", false);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.homepage", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.iframe", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2269FD043C8AB34897A29BA102011E4[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000820%22%2C%22sub_id%22%3A%220%22%2C%[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000820%22%2C%22sub_id%22%3A%220%2[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2269FD043C8AB34897A29B[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.value", "32");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.value", "5");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A485550%2C%22ver%22%3A5%2C%22[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.expiration", "Thu Feb 06 2014 22:30:24 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.expiration", "Wed May 07 2014 19:41:55 GMT+0200");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.value", "%22ch%22");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%2269FD043C[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_last_executable_request.expiration", "Fri Feb 07 2014 06:22:43 GMT+[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//data-cdn.mbamupdates.c[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastDailyReport", "1391700585511");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastUpdate", "1391700624192");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.manifesturl", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.name", "Apps Hat");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.newtab", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.opensearch", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/48559/plugins/093/ff/plugins.json");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsversion", 9);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.publisher", "Nero");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.searchstatus", 0);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.setnewtab", false);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.thankyou", "");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.updateinterval", 360);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.ver", 32);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.FilesValidatorDueTime", "1391700583750");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.apps", "48559");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.bic", "143d9099649cd2e132e5fd34f9e20f60");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.cid", 48559);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.firstrun", false);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.hadappinstalled", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.installationdate", 1390934277);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.modetype", "production");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.reportInstall", true);
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.statsDailyCounter", 26);
Line Found : user_pref("extensions.crossrider.bic", "143d9099649cd2e132e5fd34f9e20f60");

[ File : C:\Users\irnis live\AppData\Roaming\Mozilla\Firefox\Profiles\pmnizflj.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [22003 octets] - [06/02/2014 18:51:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22064 octets] ##########


malwarebytes

Kód: Vybrat vše

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.06.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Filip :: PLUH [administrátor]

Ochrana: Povolena

7. 2. 2014 13:26:40
MBAM-log-2014-02-07 (15-11-00).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 284012
Uplynulý čas: 6 minut, 45 sekund

Nalezené procesy v paměti: 1
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1352 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Data: C:\ProgramData\WPM\wprotectmanager.exe -service -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Nebyla provedena žádná instrukce.
C:\Users\Filip\Downloads\GOMPLAYERENSETUP.EXE (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

Re: Adware v prohlížečích - logy

Napsal: 07 úno 2014 22:21
od Orcus
Odinstaluj Spybot - Search & Destroy. Logy nedávej do code, blbě se to čte.

====================================================

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

====================================================

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Časové pásmo: UTC+02:00
Stránka 1 z 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/