prosím o kontrolu log

joboj · Příspěvekod **joboj** » 15 led 2015 11:59

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:58:15, on 15.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
F:\Stahování\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2925770863-1594867048-3651094729-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-2925770863-1594867048-3651094729-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11767 bytes

Reklama

Příspěvekod **Orcus** » 15 led 2015 18:35

Problémy?

===================================================

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

joboj · Příspěvekod **joboj** » 15 led 2015 22:03

Dobrý den, při hraní her mi hra vyskakuje do Windowsu, nebo při brouzdání po netu běží otevřená stránka jakoby na pozadí (nemůžu psát, nebo posouvat kolečkem stránku). Musím na stránku kliknout a pak to na chvilku jde. Děje se to docela často. Avast mi při rychlém testu našel 3 viry a smazal je. Pak jsem ještě udělal důkladný test po restartu (trval 4 hodiny) a Avast opět něco smazal. Problém přetrvává. Následující den jsem udělal znovu rychlý test a opět 3 viry. Obnovu systému mám vypnutou. Jeden soubor nemohl být otestován, protože je offline. Je to tento:

C:\Users\Milan\AppData\Roaming\Seznam.cz\sources.inf

Jdu stáhnout ty programy.

joboj · Příspěvekod **joboj** » 15 led 2015 22:25

# AdwCleaner v4.107 - Report created 15/01/2015 at 22:21:24
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Milan - MILAN-PC
# Running from : F:\Stahování\adwcleaner_4.107.exe
# Option : Scan

***** [ Services ] *****

Service Found : BCUService

***** [ Files / Folders ] *****

File Found : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\DeviceVM
Folder Found : C:\Program Files (x86)\ShopperPro
Folder Found : C:\Program Files (x86)\VideoDownloadConverter_4z
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\ShopperPro
Folder Found : C:\Users\Milan\AppData\Local\eSupport.com
Folder Found : C:\Users\Milan\AppData\Local\iac
Folder Found : C:\Users\Milan\AppData\Local\VideoDownloadConverter_4z
Folder Found : C:\Users\Milan\AppData\LocalLow\iac
Folder Found : C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z
Folder Found : C:\Users\Milan\AppData\Roaming\Babylon
Folder Found : C:\Users\Milan\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Public\Documents\ShopperPro

***** [ Scheduled Tasks ] *****

Task Found : SPDriver
Task Found : YTDownloader

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Found : HKCU\Software\DeviceVM
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\VideoDownloadConverter_4z
Key Found : [x64] HKCU\Software\DeviceVM
Key Found : [x64] HKCU\Software\eSupport.com
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF6E4B1C-DBDE-457E-9CEF-AB8ECAC8A5E8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\VideoDownloadConverter_4z
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{37923200-6887-4B44-95D4-CAE8F83ECFEE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Found : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin
Key Found : HKLM\SOFTWARE\ShopperPro
Key Found : HKLM\SOFTWARE\VideoDownloadConverter_4z
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Found : [x64] HKLM\SOFTWARE\ShopperPro
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.95

-\\ Opera v26.0.1656.60

*************************

AdwCleaner[R0].txt - [7988 octets] - [15/01/2015 22:21:24]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8048 octets] ##########

joboj · Příspěvekod **joboj** » 15 led 2015 22:45

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15.1.2015
Scan Time: 22:30:38
Logfile: log 123.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.15.13
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Milan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373169
Time Elapsed: 10 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 13
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, , [12a7d02744454ee8165fe6070ff3956b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, , [12a7d02744454ee8165fe6070ff3956b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, , [2891f205a9e052e4d3a3618c38ca06fa],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, , [2891f205a9e052e4d3a3618c38ca06fa],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, , [dfda7d7a7c0da5912453e805966cf010],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, , [dfda7d7a7c0da5912453e805966cf010],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\VideoDownloadConverter_4z, , [417802f57c0d76c01e5004e149bbaa56],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, , [7841de19bbce5dd9b394fda254af43bd],
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO, , [ae0b42b55b2eac8ab37042324fb408f8],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, , [b702688f0f7a77bf897b4c28c53e936d],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\VideoDownloadConverter_4z, , [a31620d730595cda175806df719342be],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, , [5663d81f39507cba995351483cc740c0],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, , [6f4a54a35831033304e8b9e025dea957],

Registry Values: 11
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, %dXHÂ·kQOA¤Ä?8Ä?A1>Â»X, , [2891f205a9e052e4d3a3618c38ca06fa]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, %dXHÂ·kQOA¤Ä?8Ä?A1>Â»X, , [2891f205a9e052e4d3a3618c38ca06fa]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, , [7148de192267b97d2f470edf0bf747b9],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, , [358433c473162e0822546a83c53d728e],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{93a3111f-4f74-4ed8-895e-d9708497629e}, , [50691addb7d292a47cf9e80360a2867a],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{93A3111F-4F74-4ED8-895E-D9708497629E}, , [50691addb7d292a47cf9e80360a2867a],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{93A3111F-4F74-4ED8-895E-D9708497629E}, , [50691addb7d292a47cf9e80360a2867a],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{93a3111f-4f74-4ed8-895e-d9708497629e}, , [9a1f8077d6b369cd660f23c8cc36af51],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe, , [33867e79aedb6ccaee6393f6d1328080]
PUP.Optional.ShopperPro, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe, , [33867e79aedb6ccaee6393f6d1328080]
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO|aff, obrdcb, , [ae0b42b55b2eac8ab37042324fb408f8]

Registry Data: 0
(No malicious items detected)

Folders: 23
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\48B85AE3F22B42538443DE68F5732DF2, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\831EF154A5FD44428D0175C5C07DF37F, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\DB9BB11D239041518BD942391953D418, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\FF93BFBA7A7D4B3780C7A8F8DE5594CE, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\OpenCandy_FF93BFBA7A7D4B3780C7A8F8DE5594CE, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\assists, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\History, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\History, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Settings, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, , [fdbc6790e4a5fe3836751843b053f010],

Files: 34
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, , [fbbeaa4d95f4da5cacad1277a0634bb5],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe, , [33867e79aedb6ccaee6393f6d1328080],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\48B85AE3F22B42538443DE68F5732DF2\AVG-PC-TuneUp2014.exe, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\831EF154A5FD44428D0175C5C07DF37F\speedupmypc-ROW-p2v4.exe, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\DB9BB11D239041518BD942391953D418\AVG-PC-TuneUp2014.exe, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\FF93BFBA7A7D4B3780C7A8F8DE5594CE\pcspeedup.exe, , [f5c494635039ed49635167d0d23158a8],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\BOOTSTRAP.JS, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CHROME.MANIFEST, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\INSTALL.RDF, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\installKeys.js, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\LOGO.BMP, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider\CONFIG.XML, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome\4zffxtbr.jar, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1\COMMON.T8S, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg\COMMON.T8S, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message\COMMON.T8S, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings\s_pid.dat, , [5d5c8176e9a0ce687287e05e669d29d7],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0915, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0BB4, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0CDC.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0D88.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0E53.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0F0E.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0F8B.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F1101.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F12D5.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F140D.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F147A.bmp, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\files.ini, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\PopupProperties221584466.html, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\History\search3, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Settings\prevcfg2.htm, , [eecb72857e0b1125a2b6bd8b42c1e61a],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, , [fdbc6790e4a5fe3836751843b053f010],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.json, , [fdbc6790e4a5fe3836751843b053f010],

Physical Sectors: 0
(No malicious items detected)

(end)

joboj · Příspěvekod **joboj** » 15 led 2015 22:48

Ještě než jsem si stáhl Vámi napsané programy se mi 2x stalo, že se objevilo okno, že internet Explorer nepracuje správně a musel být ukončen. Problém je v tom, že používám Operu a v té chvíli jsem IE neměl vůbec otevřený.

Příspěvekod **Orcus** » 16 led 2015 09:36

Je možné, že nějaký malware spouští IE na pozadí.

Znovu spusť MbAM a dej Skenovat nyní
Po proběhnutí programu se ti objeví hláška, tak klikni na „Vše do karantény“ -> „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a ulož na Plochu.
Zkopíruj sem celý obsah toho logu.

====================================================

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

joboj · Příspěvekod **joboj** » 16 led 2015 11:07

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16.1.2015
Scan Time: 10:54:41
Logfile: 111222.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.16.04
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Milan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372301
Time Elapsed: 10 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 13
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, Quarantined, [eb29c6327c0de84e8a2b06e708fa4cb4],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, Quarantined, [eb29c6327c0de84e8a2b06e708fa4cb4],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Quarantined, [8e86dc1ca4e5bc7a1e98ec01db27da26],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Quarantined, [8e86dc1ca4e5bc7a1e98ec01db27da26],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, Quarantined, [809483757415b482783fa7463ac81ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, Quarantined, [809483757415b482783fa7463ac81ae6],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\VideoDownloadConverter_4z, Quarantined, [36de0eeac4c52a0ca707766f4db7fc04],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, Quarantined, [5db7887014750c2a71163f60907345bb],
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO, Quarantined, [9d77f602791010269cc7284c6d9604fc],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [ae662ace7118c67074d0284c3dc68d73],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\VideoDownloadConverter_4z, Quarantined, [51c3817795f4eb4b8e21499cff05e11f],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, Quarantined, [ba5a9e5acebb280ea18b8e0cc73c649c],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, Quarantined, [9f7527d1c0c966d085a75a40c1421de3],

Registry Values: 11
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, %dXHÂ·kQOA¤Ä?8Ä?A1>Â»X, Quarantined, [8e86dc1ca4e5bc7a1e98ec01db27da26]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, %dXHÂ·kQOA¤Ä?8Ä?A1>Â»X, Quarantined, [8e86dc1ca4e5bc7a1e98ec01db27da26]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Quarantined, [30e4a05893f653e32492608d27db9070],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Quarantined, [1cf87b7dec9deb4b5363529b5ea4837d],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{93a3111f-4f74-4ed8-895e-d9708497629e}, Quarantined, [ba5a8e6aafdaf145bcf91fcc61a1629e],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{93A3111F-4F74-4ED8-895E-D9708497629E}, Quarantined, [ba5a8e6aafdaf145bcf91fcc61a1629e],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{93A3111F-4F74-4ED8-895E-D9708497629E}, Quarantined, [ba5a8e6aafdaf145bcf91fcc61a1629e],
PUP.Optional.Mindspark.A, HKU\S-1-5-21-2925770863-1594867048-3651094729-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{93a3111f-4f74-4ed8-895e-d9708497629e}, Quarantined, [0d071bdd058439fd298c658605fd43bd],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe, Quarantined, [22f22eca672212249cf5bacfed1616ea]
PUP.Optional.ShopperPro, HKU\S-1-5-21-2925770863-1594867048-3651094729-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe, Quarantined, [22f22eca672212249cf5bacfed1616ea]
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO|aff, obrdcb, Quarantined, [9d77f602791010269cc7284c6d9604fc]

Registry Data: 0
(No malicious items detected)

Folders: 23
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\48B85AE3F22B42538443DE68F5732DF2, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\831EF154A5FD44428D0175C5C07DF37F, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\DB9BB11D239041518BD942391953D418, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\FF93BFBA7A7D4B3780C7A8F8DE5594CE, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\OpenCandy_FF93BFBA7A7D4B3780C7A8F8DE5594CE, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\assists, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\History, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\History, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Settings, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, Quarantined, [8c889662e8a1e3537d6eb3a88d7653ad],

Files: 34
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, Quarantined, [72a2a6529cedb4826d2c6326ae559769],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1463.0.0.0\jsdrv.exe, Quarantined, [22f22eca672212249cf5bacfed1616ea],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\48B85AE3F22B42538443DE68F5732DF2\AVG-PC-TuneUp2014.exe, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\831EF154A5FD44428D0175C5C07DF37F\speedupmypc-ROW-p2v4.exe, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\DB9BB11D239041518BD942391953D418\AVG-PC-TuneUp2014.exe, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\FF93BFBA7A7D4B3780C7A8F8DE5594CE\pcspeedup.exe, Quarantined, [8193eb0d1970f3437a7ae84f81828b75],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\BOOTSTRAP.JS, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CHROME.MANIFEST, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\INSTALL.RDF, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\installKeys.js, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\LOGO.BMP, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider\CONFIG.XML, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome\4zffxtbr.jar, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1\COMMON.T8S, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg\COMMON.T8S, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message\COMMON.T8S, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings\s_pid.dat, Quarantined, [7c98dc1c0c7d2d09f5440c3350b31ce4],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0915, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0BB4, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0CDC.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0D88.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0E53.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0F0E.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F0F8B.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F1101.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F12D5.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F140D.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\003F147A.bmp, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\files.ini, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\PopupProperties221584466.html, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\History\search3, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.MindSpark.A, C:\Users\Milan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Settings\prevcfg2.htm, Quarantined, [66aec632197034023a5eda6e9b6855ab],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, Quarantined, [8c889662e8a1e3537d6eb3a88d7653ad],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.json, Quarantined, [8c889662e8a1e3537d6eb3a88d7653ad],

Physical Sectors: 0
(No malicious items detected)

(end)

joboj · Příspěvekod **joboj** » 16 led 2015 11:17

# AdwCleaner v4.107 - Report created 16/01/2015 at 11:13:30
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Milan - MILAN-PC
# Running from : F:\Stahování\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BCUService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\DeviceVM
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Users\Milan\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Milan\AppData\Local\iac
Folder Deleted : C:\Users\Milan\AppData\Local\VideoDownloadConverter_4z
Folder Deleted : C:\Users\Milan\AppData\LocalLow\iac
Folder Deleted : C:\Users\Milan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Public\Documents\ShopperPro
File Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : SPDriver
Task Deleted : YTDownloader

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{37923200-6887-4B44-95D4-CAE8F83ECFEE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF6E4B1C-DBDE-457E-9CEF-AB8ECAC8A5E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Deleted : HKCU\Software\DeviceVM
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.95

-\\ Opera v26.0.1656.60

*************************

AdwCleaner[R0].txt - [8200 octets] - [15/01/2015 22:21:24]
AdwCleaner[R1].txt - [7281 octets] - [16/01/2015 11:11:30]
AdwCleaner[S0].txt - [6994 octets] - [16/01/2015 11:13:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7054 octets] ##########

joboj · Příspěvekod **joboj** » 16 led 2015 11:27

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Milan on p 16.01.2015 at 11:19:48,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{519C7878-577C-4232-9CCD-8793220CFDD4}

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 16.01.2015 at 11:25:10,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

joboj · Příspěvekod **joboj** » 16 led 2015 11:29

Neměl jsem vyplý Avast u JRT. Mám to spustit znovu, nebo to nevadí?

joboj · Příspěvekod **joboj** » 16 led 2015 11:40

RogueKiller V10.1.2.0 (x64) [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Milan [Práva správce]
Mód : Prohledat -- Datum : 01/16/2015 11:38:15

¤¤¤ Procesy : 3 ¤¤¤
[Suspicious.Path] szndesktop.exe(3548) -- C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe[7] -> Zastaveno [TermProc]
[Suspicious.Path] listicka-x64.exe(512) -- C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe[7] -> Zastaveno [TermThr]
[Suspicious.Path] explorer.exe(3804) -- C:\Users\Milan\AppData\Roaming\tricomfi\tivesen.dll[-] -> Uvolněno

¤¤¤ Registry : 13 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2925770863-1594867048-3651094729-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> Nalezeno
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2925770863-1594867048-3651094729-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> Nalezeno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2925770863-1594867048-3651094729-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> Nalezeno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2925770863-1594867048-3651094729-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> Nalezeno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UnlockerDriver5 (\??\C:\Program Files\Unlocker\UnlockerDriver5.sys) -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2925770863-1594867048-3651094729-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/?clid=16194 -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2925770863-1594867048-3651094729-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/?clid=16194 -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG SP2504C ATA Device +++++
--- User ---
[MBR] 34db72dce3d53b5c472db172cba74c14
[BSP] b16c23d7ef47c6213dd7a0498d89eb97 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 188374 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 385998543 | Size: 49996 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD My Book 1140 USB Device +++++
--- User ---
[MBR] c570f3bf377740b8267308a99af2d3d6
[BSP] f0d7639c07f6783687a8c627fbf5bc1f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1430766 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

prosím o kontrolu log Vyřešeno

prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Re: prosím o kontrolu log

Kdo je online