Shooper-pro
Re: Shooper-pro
asi problem,u toho posledního Malwarebytes' Anti-Malware jsem po skenonaní dal opravit,to je asi prušvih že?
Re: Shooper-pro
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 1.8.2014
Čas skenování: 19:28:00
Protokol: AdwCleaner[R0].txt
Správce: Ano
Verze: 2.00.2.1012
Databáze malwaru: v2014.08.01.04
Databáze rootkitů: v2014.07.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oem
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 306053
Uplynulý čas: 5 min, 5 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 4
PUP.Optional.Goobzo, C:\Program Files\Common Files\ShopperPro\spbiu.exe, 2060, Smazat při restartu, [66023889c3b8bc7a53de446b7e8659a7]
Riskware.BitcoinMiner, C:\Users\oem\AppData\Roaming\miner\minerd.exe, 3940, Smazat při restartu, [2147fdc4b8c3bb7bad81a8a326db32ce]
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, 3868, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db]
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, 1312, Smazat při restartu, [1058e7daf4876fc7e9964181ff03619f]
Moduly: 0
(No malicious items detected)
Klíče registru: 112
PUP.Optional.Goobzo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpd, Do karantény, [66023889c3b8bc7a53de446b7e8659a7],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Do karantény, [80e8dce55625ff37e6ab5f0757abaf51],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Do karantény, [80e8dce55625ff37e6ab5f0757abaf51],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.Babylon.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Do karantény, [65038d341d5e7db91acddc830cf67d83],
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Do karantény, [095fb20fd7a4f442c7cb0f579c667888],
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Do karantény, [095fb20fd7a4f442c7cb0f579c667888],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, Do karantény, [2a3ea21f3b40a2946fcc09911fe333cd],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ShopperPro, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.37.0.202, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [93d58b36750654e25fb51cb2649e12ee],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [e484e8d981fa60d6814dbc75c53fe11f],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [1e4a03be4b3078bed83b319de31fa759],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [2b3d526f0d6e9c9aca05d65b00043dc3],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [25434f72f2893df935dd0ac48e74ee12],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [75f3546d2655b5810ac64ee38f75e41c],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [bdabdbe6cdae3ff737cf06c84bb7ae52],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [1b4d259c8bf0999d775a042d36ce13ed],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [3d2b3091a9d23105699e418db64c6a96],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [3f2939885724e5517d55270a07fdb050],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [9ccc2e93cfac88ae729616b83ec41ce4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [e187d1f02358ab8b21b208290cf85ca4],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [83e5863b3942a78f8486616dce34bd43],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [ff69fcc57dfe94a29d3749e8e51f8c74],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Do karantény, [eb7d7b460a713df9676e0c2551b315eb],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [81e7dbe63e3d171f917ae1ed53afdc24],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [4b1dc8f925562214def8b18031d3926e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Do karantény, [93d5f1d0e893b185498e1f120bf9db25],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [590fc2ff403b2e08ba52a8269d65ca36],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [86e2e8d9a0db9c9a10c8270a6d9717e9],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [9ace2b96007b7fb75bb28a448e740af6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [93d59f226f0c3df934a5151cbd47e61a],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Do karantény, [88e0fbc6691238fe835768c9ee161fe1],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Do karantény, [d6922e9367149a9c627962cfc53fdd23],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [98d019a81566a195927c7955dd252dd3],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [b8b0c100f3882511d804ea4757ada759],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [4325b01196e50b2be42b8a44f50d6b95],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [6206caf7e893dd59508d60d108fc837d],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [a0c86d547dfebd7965ab6f5f24de629e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [a7c15c6585f61125f9e4c26f10f449b7],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Do karantény, [f2764c750a7137ff32acec4572927e82],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [491f17aa85f62214b35e1bb37989ff01],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [4523348d364515218f501918cd377b85],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Do karantény, [da8e5170493275c125bb1f12947058a8],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Do karantény, [0464f1d0dd9e8caa31b07fb2c34125db],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Do karantény, [73f50db4ea91b581e8fadf521ce8b34d],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Do karantény, [6701b60b08731620a43fe44d56ae45bb],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Do karantény, [98d0962be09b3bfb2741220e16eebc44],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Do karantény, [d98f4f72354688ae3c3891416b9709f7],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [1d4b6160502b3402a07425a9f50dee12],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [f771635e017aa5914688121f6b999e62],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [02667b460774ed49858efcd28b779b65],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [d197c5fcf4870432854a1b16fb098e72],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [f078dde49fdc3402b65cf8d6778b0000],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [34340db40a7164d2c70976bbfb096a96],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [a9bf269b0972a98de52124aa936fc937],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [e484d9e81566ab8b6071f73a9c68758b],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [5e0a873ad2a94fe716f19935758d05fb],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [76f2a0214c2f72c4577bd9588381ad53],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [81e7a21fc6b572c43dcbb31b11f17c84],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [5f09af12cfac0036cc07969bb1537f81],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [7fe91da47209cb6b19f1319d7e84966a],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [9dcb7d44daa12115b91be54cc73d3ac6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Do karantény, [e088635e453653e325b082af4db79d63],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [3a2e3889e69590a6e3283698e022cb35],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [e682f0d1522963d3686e0d249a6a0af6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Do karantény, [b5b3e7da3d3e989e4c8b979a7094936d],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [98d002bf95e676c0f21abf0faa58718f],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [35339e237605c86ef1e7d75ab94ba25e],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [bfa9833ea3d8fe38da33f3dbb64c48b8],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [ff69447d176468ce2faa70c1758f6997],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Do karantény, [8cdc11b0e59679bdcc0e71c0d034ff01],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Do karantény, [bfa9645d4d2e1a1c706ba68bb74dd12f],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [0365fec34833fa3c3dd19d319c662bd5],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [491f0ab75f1c92a4607cb67beb194fb1],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [ee7ae2dfb4c771c5ee21ae2036cc847c],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [bdab6f52a9d270c6647977ba6f95b54b],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [c1a77c45de9dc96d8c84bc12ae5426da],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [99cfcef3b0cb0c2a9a435ad761a37d83],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Do karantény, [91d73e83ec8f92a4c6180a270bf9d22e],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [234515aca4d7999d5bb6ece2dc26a060],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [0d5b2899e19ad95db9268ba67c88b947],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Do karantény, [83e5a918c1bac76f2db3979a93716f91],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Do karantény, [c4a48839c3b8a1951cc5a38e41c30af6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Do karantény, [1a4ed3eebdbe88ae3da557dab0543bc5],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Do karantény, [6602556c334881b533b01d1454b05fa1],
PUP.Optional.DefaultTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DefaultTabSearch, Do karantény, [bcacc1001e5d1323251d0ffe83819967],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Do karantény, [92d68a378cefcd69920042e229dbf30d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Do karantény, [551306bb8af1f4428b8b8377a65c7f81],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Do karantény, [c5a3d2efc7b438fe86b2759b56ae9967],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Do karantény, [8ade68590c6faa8c81aefbee5da553ad],
PUP.Optional.IePluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Do karantény, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
Hodnoty registru: 6
PUP.Optional.NextLive.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\oem\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, Do karantény, [35336d546912c373876f025be61b5ca4]
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db]
PUP.Optional.ShopperPro, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Do karantény, [d98f4f72354688ae3c3891416b9709f7]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0O1S1D1N0A2Y1Q1D1G, Do karantény, [c5a3d2efc7b438fe86b2759b56ae9967]
Trojan.Agent.MNR, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|miner, "C:\Users\oem\AppData\Roaming\miner\nircmd.exe" exec hide "C:\Users\oem\AppData\Roaming\miner\start.bat", Do karantény, [eb7d8d3442395fd740a248d809fb2ed2]
Data registru: 0
(No malicious items detected)
Složky: 23
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\cache, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.Datamngr.A, C:\Users\oem\AppData\LocalLow\DataMngr, Do karantény, [69ffcdf45b2077bf4bcf595a23df7a86],
PUP.Optional.SimilarSites.A, C:\Users\oem\AppData\Roaming\SimilarSites, Do karantény, [79effcc52556a19578195361639f14ec],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Smazat při restartu, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Do karantény, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{35894365-7BE7-4F92-95BC-5681E54CC1C5}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
Soubory: 70
PUP.Optional.Goobzo, C:\Program Files\Common Files\ShopperPro\spbiu.exe, Smazat při restartu, [66023889c3b8bc7a53de446b7e8659a7],
Riskware.BitcoinMiner, C:\Users\oem\AppData\Roaming\miner\minerd.exe, Smazat při restartu, [2147fdc4b8c3bb7bad81a8a326db32ce],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\nengine.dll, Do karantény, [35336d546912c373876f025be61b5ca4],
PUP.Optional.Spigot.A, C:\ProgramData\YTD Video Downloader\ytd_installer.exe, Do karantény, [80e8319002794de9e4bb63c3a15f7c84],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Local\genienext\nengine.dll, Do karantény, [8eda625ff9828da9f4021b42e819b947],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\config.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\database1_0_0.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\manifest.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.dll, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro64.dll, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\SPRemove.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\Updater.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\config.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\database1_0_0.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.sys, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, Do karantény, [a1c7962b4635ef47fa1c606e04fed927],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, Do karantény, [c6a2b40dd7a486b087909f2f26dca65a],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, Do karantény, [e682cff21a61c76f3cdc745ab84ab050],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-1, Do karantény, [2642c6fb6813d85efc73468c5ca62ad6],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-11, Do karantény, [0266566b6f0c82b4244b369c7f832ed2],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-2, Do karantény, [8bddb011740777bf7bf4726023df40c0],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-3, Do karantény, [6bfdc100d6a52610afc08e444ab8d22e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-4, Do karantény, [74f47e43bbc043f3650a19b9fa08738d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-5, Do karantény, [d0980eb35a2174c2ed8272608f7348b8],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-5_user, Do karantény, [4a1ea819ea918da9b4bb0cc68082c53b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-6, Do karantény, [c4a46c5584f7c5716b0426acba48d12f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-7, Do karantény, [78f0c9f882f978bed59a815144be728e],
Trojan.BitcoinMiner, C:\Users\oem\AppData\Roaming\miner\start.bat, Do karantény, [a7c1546d0873f34388dc04d12ed47090],
PUP.Optional.Superfish.A, C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Smazat při restartu, [71f73b86accf0e28cc3d02e0f0121fe1],
PUP.Optional.Superfish.A, C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Do karantény, [5117d3eeb2c9102656b334aef70bd030],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Do karantény, [95d3259c4833989e918c1b16996b2fd1],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Do karantény, [82e616abfd7e81b57da187aa48bc6799],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Do karantény, [85e31ea3d7a42d0944db41f0fb0954ac],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Do karantény, [0b5d09b8d8a3d561f03001306e96cc34],
Trojan.Agent.MNR, C:\Users\oem\AppData\Roaming\miner\nircmd.exe, Do karantény, [eb7d8d3442395fd740a248d809fb2ed2],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\nengine.cookie, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\cache\spark.bin, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.Datamngr.A, C:\Users\oem\AppData\LocalLow\DataMngr\{2ad95a4b-54b3-4570-bc8b-e85db90c1775}64, Do karantény, [69ffcdf45b2077bf4bcf595a23df7a86],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, Smazat při restartu, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Do karantény, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-29[23-53-37-406].log, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-29[23-53-48-884].log, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
Fyzické sektory: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Datum skenování: 1.8.2014
Čas skenování: 19:28:00
Protokol: AdwCleaner[R0].txt
Správce: Ano
Verze: 2.00.2.1012
Databáze malwaru: v2014.08.01.04
Databáze rootkitů: v2014.07.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oem
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 306053
Uplynulý čas: 5 min, 5 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 4
PUP.Optional.Goobzo, C:\Program Files\Common Files\ShopperPro\spbiu.exe, 2060, Smazat při restartu, [66023889c3b8bc7a53de446b7e8659a7]
Riskware.BitcoinMiner, C:\Users\oem\AppData\Roaming\miner\minerd.exe, 3940, Smazat při restartu, [2147fdc4b8c3bb7bad81a8a326db32ce]
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, 3868, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db]
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, 1312, Smazat při restartu, [1058e7daf4876fc7e9964181ff03619f]
Moduly: 0
(No malicious items detected)
Klíče registru: 112
PUP.Optional.Goobzo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpd, Do karantény, [66023889c3b8bc7a53de446b7e8659a7],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Do karantény, [80e8dce55625ff37e6ab5f0757abaf51],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Do karantény, [80e8dce55625ff37e6ab5f0757abaf51],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Do karantény, [94d44b762655c86ea6355b092dd57090],
PUP.Optional.Babylon.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Do karantény, [65038d341d5e7db91acddc830cf67d83],
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Do karantény, [095fb20fd7a4f442c7cb0f579c667888],
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Do karantény, [095fb20fd7a4f442c7cb0f579c667888],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, Do karantény, [2a3ea21f3b40a2946fcc09911fe333cd],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ShopperPro, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.37.0.202, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [93d58b36750654e25fb51cb2649e12ee],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [e484e8d981fa60d6814dbc75c53fe11f],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [1e4a03be4b3078bed83b319de31fa759],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [2b3d526f0d6e9c9aca05d65b00043dc3],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [25434f72f2893df935dd0ac48e74ee12],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [75f3546d2655b5810ac64ee38f75e41c],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [bdabdbe6cdae3ff737cf06c84bb7ae52],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [1b4d259c8bf0999d775a042d36ce13ed],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [3d2b3091a9d23105699e418db64c6a96],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [3f2939885724e5517d55270a07fdb050],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [9ccc2e93cfac88ae729616b83ec41ce4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [e187d1f02358ab8b21b208290cf85ca4],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [83e5863b3942a78f8486616dce34bd43],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [ff69fcc57dfe94a29d3749e8e51f8c74],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Do karantény, [eb7d7b460a713df9676e0c2551b315eb],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [81e7dbe63e3d171f917ae1ed53afdc24],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [4b1dc8f925562214def8b18031d3926e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Do karantény, [93d5f1d0e893b185498e1f120bf9db25],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [590fc2ff403b2e08ba52a8269d65ca36],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [86e2e8d9a0db9c9a10c8270a6d9717e9],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [9ace2b96007b7fb75bb28a448e740af6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [93d59f226f0c3df934a5151cbd47e61a],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Do karantény, [88e0fbc6691238fe835768c9ee161fe1],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Do karantény, [d6922e9367149a9c627962cfc53fdd23],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [98d019a81566a195927c7955dd252dd3],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [b8b0c100f3882511d804ea4757ada759],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [4325b01196e50b2be42b8a44f50d6b95],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [6206caf7e893dd59508d60d108fc837d],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [a0c86d547dfebd7965ab6f5f24de629e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [a7c15c6585f61125f9e4c26f10f449b7],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Do karantény, [f2764c750a7137ff32acec4572927e82],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [491f17aa85f62214b35e1bb37989ff01],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [4523348d364515218f501918cd377b85],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Do karantény, [da8e5170493275c125bb1f12947058a8],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Do karantény, [0464f1d0dd9e8caa31b07fb2c34125db],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Do karantény, [73f50db4ea91b581e8fadf521ce8b34d],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Do karantény, [6701b60b08731620a43fe44d56ae45bb],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Do karantény, [98d0962be09b3bfb2741220e16eebc44],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Do karantény, [d98f4f72354688ae3c3891416b9709f7],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [1d4b6160502b3402a07425a9f50dee12],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Do karantény, [f771635e017aa5914688121f6b999e62],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [02667b460774ed49858efcd28b779b65],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Do karantény, [d197c5fcf4870432854a1b16fb098e72],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [f078dde49fdc3402b65cf8d6778b0000],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Do karantény, [34340db40a7164d2c70976bbfb096a96],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [a9bf269b0972a98de52124aa936fc937],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Do karantény, [e484d9e81566ab8b6071f73a9c68758b],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [5e0a873ad2a94fe716f19935758d05fb],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Do karantény, [76f2a0214c2f72c4577bd9588381ad53],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [81e7a21fc6b572c43dcbb31b11f17c84],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Do karantény, [5f09af12cfac0036cc07969bb1537f81],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [7fe91da47209cb6b19f1319d7e84966a],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Do karantény, [9dcb7d44daa12115b91be54cc73d3ac6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Do karantény, [e088635e453653e325b082af4db79d63],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [3a2e3889e69590a6e3283698e022cb35],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Do karantény, [e682f0d1522963d3686e0d249a6a0af6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Do karantény, [b5b3e7da3d3e989e4c8b979a7094936d],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [98d002bf95e676c0f21abf0faa58718f],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Do karantény, [35339e237605c86ef1e7d75ab94ba25e],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [bfa9833ea3d8fe38da33f3dbb64c48b8],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Do karantény, [ff69447d176468ce2faa70c1758f6997],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Do karantény, [8cdc11b0e59679bdcc0e71c0d034ff01],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Do karantény, [bfa9645d4d2e1a1c706ba68bb74dd12f],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [0365fec34833fa3c3dd19d319c662bd5],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Do karantény, [491f0ab75f1c92a4607cb67beb194fb1],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [ee7ae2dfb4c771c5ee21ae2036cc847c],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Do karantény, [bdab6f52a9d270c6647977ba6f95b54b],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [c1a77c45de9dc96d8c84bc12ae5426da],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Do karantény, [99cfcef3b0cb0c2a9a435ad761a37d83],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Do karantény, [91d73e83ec8f92a4c6180a270bf9d22e],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [234515aca4d7999d5bb6ece2dc26a060],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Do karantény, [0d5b2899e19ad95db9268ba67c88b947],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Do karantény, [83e5a918c1bac76f2db3979a93716f91],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Do karantény, [c4a48839c3b8a1951cc5a38e41c30af6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Do karantény, [1a4ed3eebdbe88ae3da557dab0543bc5],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Do karantény, [6602556c334881b533b01d1454b05fa1],
PUP.Optional.DefaultTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DefaultTabSearch, Do karantény, [bcacc1001e5d1323251d0ffe83819967],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Do karantény, [92d68a378cefcd69920042e229dbf30d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Do karantény, [551306bb8af1f4428b8b8377a65c7f81],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Do karantény, [c5a3d2efc7b438fe86b2759b56ae9967],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Do karantény, [8ade68590c6faa8c81aefbee5da553ad],
PUP.Optional.IePluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Do karantény, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
Hodnoty registru: 6
PUP.Optional.NextLive.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\oem\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, Do karantény, [35336d546912c373876f025be61b5ca4]
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db]
PUP.Optional.ShopperPro, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Do karantény, [d98f4f72354688ae3c3891416b9709f7]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0O1S1D1N0A2Y1Q1D1G, Do karantény, [c5a3d2efc7b438fe86b2759b56ae9967]
Trojan.Agent.MNR, HKU\S-1-5-21-2685867222-1597755569-815654481-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|miner, "C:\Users\oem\AppData\Roaming\miner\nircmd.exe" exec hide "C:\Users\oem\AppData\Roaming\miner\start.bat", Do karantény, [eb7d8d3442395fd740a248d809fb2ed2]
Data registru: 0
(No malicious items detected)
Složky: 23
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\cache, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.Datamngr.A, C:\Users\oem\AppData\LocalLow\DataMngr, Do karantény, [69ffcdf45b2077bf4bcf595a23df7a86],
PUP.Optional.SimilarSites.A, C:\Users\oem\AppData\Roaming\SimilarSites, Do karantény, [79effcc52556a19578195361639f14ec],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Smazat při restartu, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Do karantény, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{35894365-7BE7-4F92-95BC-5681E54CC1C5}, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
Soubory: 70
PUP.Optional.Goobzo, C:\Program Files\Common Files\ShopperPro\spbiu.exe, Smazat při restartu, [66023889c3b8bc7a53de446b7e8659a7],
Riskware.BitcoinMiner, C:\Users\oem\AppData\Roaming\miner\minerd.exe, Smazat při restartu, [2147fdc4b8c3bb7bad81a8a326db32ce],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\nengine.dll, Do karantény, [35336d546912c373876f025be61b5ca4],
PUP.Optional.Spigot.A, C:\ProgramData\YTD Video Downloader\ytd_installer.exe, Do karantény, [80e8319002794de9e4bb63c3a15f7c84],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Local\genienext\nengine.dll, Do karantény, [8eda625ff9828da9f4021b42e819b947],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\config.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\database1_0_0.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\manifest.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.dll, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro64.dll, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\SPRemove.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\Updater.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\config.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\database1_0_0.json, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe, Smazat při restartu, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.sys, Do karantény, [de8a625f6a111d1954a5ba13d92925db],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, Do karantény, [a1c7962b4635ef47fa1c606e04fed927],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, Do karantény, [c6a2b40dd7a486b087909f2f26dca65a],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, Do karantény, [e682cff21a61c76f3cdc745ab84ab050],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-1, Do karantény, [2642c6fb6813d85efc73468c5ca62ad6],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-11, Do karantény, [0266566b6f0c82b4244b369c7f832ed2],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-2, Do karantény, [8bddb011740777bf7bf4726023df40c0],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-3, Do karantény, [6bfdc100d6a52610afc08e444ab8d22e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-4, Do karantény, [74f47e43bbc043f3650a19b9fa08738d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-5, Do karantény, [d0980eb35a2174c2ed8272608f7348b8],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-5_user, Do karantény, [4a1ea819ea918da9b4bb0cc68082c53b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-6, Do karantény, [c4a46c5584f7c5716b0426acba48d12f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5b35d1bf-8985-41a7-a5c0-520df08c38cc-7, Do karantény, [78f0c9f882f978bed59a815144be728e],
Trojan.BitcoinMiner, C:\Users\oem\AppData\Roaming\miner\start.bat, Do karantény, [a7c1546d0873f34388dc04d12ed47090],
PUP.Optional.Superfish.A, C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Smazat při restartu, [71f73b86accf0e28cc3d02e0f0121fe1],
PUP.Optional.Superfish.A, C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Do karantény, [5117d3eeb2c9102656b334aef70bd030],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Do karantény, [95d3259c4833989e918c1b16996b2fd1],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Do karantény, [82e616abfd7e81b57da187aa48bc6799],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Do karantény, [85e31ea3d7a42d0944db41f0fb0954ac],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Do karantény, [0b5d09b8d8a3d561f03001306e96cc34],
Trojan.Agent.MNR, C:\Users\oem\AppData\Roaming\miner\nircmd.exe, Do karantény, [eb7d8d3442395fd740a248d809fb2ed2],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\nengine.cookie, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.NextLive.A, C:\Users\oem\AppData\Roaming\newnext.me\cache\spark.bin, Do karantény, [f87068597ffc082e44137e30e220a55b],
PUP.Optional.Datamngr.A, C:\Users\oem\AppData\LocalLow\DataMngr\{2ad95a4b-54b3-4570-bc8b-e85db90c1775}64, Do karantény, [69ffcdf45b2077bf4bcf595a23df7a86],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, Smazat při restartu, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Do karantény, [1058e7daf4876fc7e9964181ff03619f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-29[23-53-37-406].log, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-29[23-53-48-884].log, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Do karantény, [f4742998afcc3bfb9c575a6a639f4db3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Do karantény, [ed7b6d54c9b2122428a753737191a65a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, Do karantény, [7bedf8c90873b680fb1ff8d3e22007f9],
Fyzické sektory: 0
(No malicious items detected)
(end)
Re: Shooper-pro
tak to je vše,snad to dopadne pro mě už dobře,děkuji jinak,snad mi řeknete co a jak
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Shooper-pro
Stane se, nic systémového jsi neodstřeilm ale radši koukej co píšeme. 
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 13 hostů