Log check
Posted: 29 Sep 2016 15:19
Hello,
please check this log; the notebook is used at home by the older generation. Error messages reportedly appear, and I recorded one of them - The program WinThruster has stopped working...
I am attaching the log from HJT:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:14:34, on 29.9.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16789)
FIREFOX: 48.0.2 (x86 cs)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\taskeng.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\MyDrive Connect\MyDriveConnect.exe
C:\Users\notebook\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\Skypee\Phone\Skype.exe
C:\Users\notebook\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost:8092
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files\MyDrive Connect\MyDriveConnect.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\notebook\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skypee\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files\LightComp eDoklady Skenováni\iehelper.html
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate1ca6eb36e821be5) (gupdate1ca6eb36e821be5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skypee\Updater\Updater.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 7324 bytes
and from MBAM
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 29.9.2016
Čas skenování: 14:57:30
Protokol: vysledky_mbam.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.09.29.06
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: notebook
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 272412
Uplynulý čas: 11 min, 49 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 13
PUP.Optional.ConduitTB, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [08e2db9cb9e1f04658c1a1eeef1335cb],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, , [cf1be295178357df74e65e4de71df40c],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, , [cf1be295178357df74e65e4de71df40c],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\conduitEngine, , [40aa8aede8b2e65071c2ace68d76f709],
PUP.Optional.uTorrentBar, HKLM\SOFTWARE\uTorrentBar, , [cd1de196603aec4af6045366867dea16],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2786678, , [a7431661b1e9a393d09e2c6562a19f61],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [34b68aed8c0e65d1701ff1abed16936d],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\APPDATALOW\SOFTWARE\conduitEngine, , [b33722550e8c86b0d35d6a28768df60a],
PUP.Optional.uTorrentBar, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\APPDATALOW\SOFTWARE\uTorrentBar, , [0bdfa5d27c1e5bdb2ccc9326b94a42be],
PUP.Optional.ICQ, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [ebffd2a52c6ee254568420853ac90000],
PUP.Optional.Conduit, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [21c9e4932476b3833055f9a305feb44c],
PUP.Optional.ASK, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}, , [eefce88fff9bdd595b59ce215ca77e82],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\conduitEngine, , [04e6f582ecae70c635fdfc965ba8f50b],
Hodnoty registru: 12
PUP.Optional.ConduitTB, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{30F9B915-B755-4826-820B-08FBA6BD249D}, Conduit Engine, , [08e2db9cb9e1f04658c1a1eeef1335cb]
PUP.Optional.ASK, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [cf1be295178357df74e65e4de71df40c],
PUP.Optional.ASK, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, | ÔJ f@ˇBCŘ t@, , [cf1be295178357df74e65e4de71df40c]
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, , [cf1be295178357df74e65e4de71df40c],
PUP.Optional.ASK, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{00000000-6E41-4FD3-8538-502F5495E5FC}, , [df0be790b4e662d410feb146a4603fc1],
PUP.Optional.ASK, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00000000-6E41-4FD3-8538-502F5495E5FC}, , [df0be790b4e662d410feb146a4603fc1],
PUP.Optional.ConduitTB, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [e208eb8c7228f44241d8444bd52dc43c],
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [6f7b661162388da91941446772929070],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678, , [34b68aed8c0e65d1701ff1abed16936d]
PUP.Optional.ICQ, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd, , [ebffd2a52c6ee254568420853ac90000]
PUP.Optional.Conduit, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678, , [21c9e4932476b3833055f9a305feb44c]
PUP.Optional.ASK, HKU\S-1-5-21-2468744986-3110552355-1160561118-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}|URL, http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYCZ&apn_uid=482E51CD-C1FE-4F1E-9FD5-04701A53A42C&apn_sauid=CAEB252B-CA41-4F24-A013-58D3CAF6C4E4, , [eefce88fff9bdd595b59ce215ca77e82]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 4
PUP.Optional.uTorrentBar, C:\Users\notebook\AppData\LocalLow\uTorrentBar, , [cd1d79feb1e9092dabcbf3cca26052ae],
PUP.Optional.uTorrentBar, C:\Users\notebook\AppData\LocalLow\uTorrentBar\Logs, , [cd1d79feb1e9092dabcbf3cca26052ae],
PUP.Optional.WinThruster, C:\Program Files\WinThruster, , [57939ddab8e270c62b7252752dd5b64a],
PUP.Optional.Solvusoft, C:\Users\notebook\AppData\Roaming\Solvusoft, , [2cbe383f67337fb7f645ae2d877d956b],
Soubory: 9
PUP.Optional.SysTweak, C:\Program Files\WinThruster\unins000.exe, , [ecfe6c0bf5a5a2946955cdf2a958e818],
PUP.Optional.SysTweak, C:\Program Files\WinThruster\WinThruster.exe, , [e40614638e0c63d3a0f84381827f7090],
PUP.Optional.SysTweak, C:\Windows\System32\roboot.exe, , [de0ca5d21c7ed2649ff9784c5ea39b65],
PUP.Optional.WinWrapper, C:\Users\notebook\Downloads\winamp5666_full_all-70401097.exe, , [9753dd9a1e7c0b2bc16697feb24f936d],
PUP.Optional.WinThruster, C:\Windows\Tasks\WinThruster_DEFAULT.job, , [21c966114753b383d40318df58aba45c],
PUP.Optional.WinThruster, C:\Windows\Tasks\WinThruster_UPDATES.job, , [ba3052254555ff372fa8c03746bd43bd],
PUP.Optional.WinThruster, C:\Program Files\WinThruster\unins000.dat, , [57939ddab8e270c62b7252752dd5b64a],
PUP.Optional.WinThruster, C:\Program Files\WinThruster\unins000.msg, , [57939ddab8e270c62b7252752dd5b64a],
PUP.Optional.ASK.Gen, C:\Users\notebook\AppData\Roaming\Mozilla\Firefox\Profiles\fzt8g72r.default\searchplugins\askcom.xml, , [99512f48aaf025116d669cfe7e86e21e],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)