Pošahané prohlížeče

PavlinQa1234 · Příspěvekod **PavlinQa1234** » 28 pro 2015 15:52

Neustále mi to spamuje reklamy na ruský housky, vyhledávání mi to nastavilo na

http://search.snapdo.com/

a nejde to změnit a do toho mi každých deset minut vyskočí tabulka Videostripe s nějakýmy filmy či co a chce to po mě platbu... Pak mam třeba přes půl stránky vyskočené tabulky s reklamamy a když chci jít na stránku s přehrávačema na filmy tak mě to kopne na jinou stránku jménem

Kód: Vybrat vše

http://tracking.toroadvertising.com/...

Prosím o pomoc.. :/

Reklama

Příspěvekod **jerabina** » 28 pro 2015 15:57

Udělej log z HJT podle návodu v mém podpisu a ten sem vlož.

PavlinQa1234 · Příspěvekod **PavlinQa1234** » 28 pro 2015 19:44

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:29, on 28. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Clownfish\Clownfish.exe
C:\Users\Jiří\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Jiří\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Windows\Inf\MSASGui.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jiří\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jiří\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... zWojiDM&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... zWojiDM&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... zWojiDM&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F. ... WaCzJ75W8w
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... zWojiDM&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: CheckMeUp - {5A31488E-DAF4-EDDA-DA38-6E056E4A093B} - C:\Program Files (x86)\version09CheckMeUp\194.dll (file missing)
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Timestasks] C:\ProgramData\TimeTasks\timetasks.exe"
O4 - HKLM\..\Run: [ZaxarGameBrowser] "C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe" -s
O4 - HKLM\..\Run: [ZaxarLoader] "C:\Program Files (x86)\Zaxar\ZaxarLoader.exe" /verysilent
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\system32\msstp.vbe
O4 - HKLM\..\Run: [mnctkmtscSrv] C:\WINDOWS\inf\mnctkmtsc.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [gmsd_re_004010007] "C:\Program Files (x86)\gmsd_re_004010007\gmsd_re_004010007.exe"
O4 - HKLM\..\RunOnce: [PreRun] C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe
O4 - HKLM\..\RunOnce: [upgmsd_re_004010007.exe] C:\Users\Jiří\AppData\Local\gmsd_re_004010007\upgmsd_re_004010007.exe -runonce
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Jiří\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Jiří\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jiří\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Curse.lnk = ?
O4 - Startup: IMVU.lnk = ?
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\OLBPre\OLBPre.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O20 - AppInit_DLLs: C:\ProgramData\caMyciloP\OpeTop.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ApplicationHosting - Unknown owner - C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\\caMyciloP\\caMyciloP.exe
O23 - Service: Saotex (compyoductprodnct) - Unknown owner - C:\Users\Jiří\AppData\Local\Zoobam.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Finwarm Service (FinwarmSvc) - Unknown owner - C:\Users\JI10BB~1\AppData\Local\Temp\iyWybx\runner.exe
O23 - Service: GIGABYTE Adjust (gadjservice) - Unknown owner - C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hon Controller (honic32) - Unknown owner - C:\Program Files\HonController\honic.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14259 bytes

Příspěvekod **jerabina** » 28 pro 2015 22:53

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

PavlinQa1234 · Příspěvekod **PavlinQa1234** » 29 pro 2015 14:46

# AdwCleaner v5.026 - Logfile created 29/12/2015 at 14:40:35
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : JiĹ™Ă - CHAPPIE
# Running from : C:\Users\JiĹ™Ă\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : webTinstMKTN84
Service Found : ApplicationHosting
Service Found : caMyciloP
Service Found : webTinstMKTN84

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\simplitec
Folder Found : C:\Program Files (x86)\Crossbrowse
Folder Found : C:\Program Files (x86)\OLBPre
Folder Found : C:\Program Files (x86)\version09CheckMeUp
Folder Found : C:\Program Files (x86)\Crossbrowse
Folder Found : C:\Program Files (x86)\gmsd_re_004010007
Folder Found : C:\Program Files (x86)\gmsd_re_004010007
Folder Found : C:\ProgramData\Mail.Ru
Folder Found : C:\ProgramData\simplitec
Folder Found : C:\ProgramData\camycilop
Folder Found : C:\ProgramData\ApplicationHosting
Folder Found : C:\ProgramData\Medlights
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZaxarGameBrowser
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\globalUpdate
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\Mail.Ru
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\MailRu
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\PriceMeter
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\PriceFountain
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\Kometa
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\Crossbrowse
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\Crossbrowse
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\gmsd_re_004010007
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\gmsd_re_004010007
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\19040
Folder Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmpieponfdjfekdfdfgmhamccfddpfb
Folder Found : C:\Users\JiĹ™Ă\AppData\LocalLow\mystarttb
Folder Found : C:\Users\JiĹ™Ă\AppData\Roaming\SetMyHomePage
Folder Found : C:\Users\JiĹ™Ă\AppData\Roaming\newSI_1007
Folder Found : C:\Users\JiĹ™Ă\AppData\Roaming\newSI_1017
Folder Found : C:\Users\JiĹ™Ă\AppData\Roaming\newSI_1022
Folder Found : C:\Users\JiĹ™Ă\AppData\Roaming\Microsoft\Windows\Start Menu\Đ‘ĐľĐşĐľĐ˛Đ°ŃŹ ĐżĐ°Đ˝ĐµĐ»ŃŚ - ĐšĐľĐĽĐµŃ‚Đ°
Folder Found : C:\Users\JiĹ™Ă\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kometa

***** [ Files ] *****

File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oppjbdkgpfhhllancffaoaemplhkngoc_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oppjbdkgpfhhllancffaoaemplhkngoc_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_clpremdo.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_clpremdo.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cs.reimageplus.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cs.reimageplus.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage
File Found : C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage-journal
File Found : C:\Users\JiĹ™Ă\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Kometa.lnk
File Found : C:\Users\JiĹ™Ă\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\JiĹ™Ă\Desktop\MyPC Backup.lnk
File Found : C:\WINDOWS\patsearch.bin
File Found : C:\WINDOWS\SysNative\drivers\webTinstMKTN84.sys
File Found : C:\WINDOWS\SysWOW64\findit.xml

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : pricemeterdownloader
Task Found : pricemetertask
Task Found : pricemeterwatcher
Task Found : LaunchPreSignup
Task Found : simplitec Power Suite (Tray)
Task Found : simplitec Power Suite
Task Found : CheckMeUp Update
Task Found : CheckMeUp Update

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ZaxarLoader]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ZaxarGameBrowser]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Timestasks]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_re_004010007]
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\PriceMeter
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\TutoTag
Key Found : HKCU\Software\GAMESDESKTOP
Key Found : HKCU\Software\SetMyHomePage
Key Found : HKCU\Software\Microsoft\Tinstalls
Key Found : HKCU\Software\AppDataLow\Software\CheckMeUp
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DealPlyLive
Key Found : HKLM\SOFTWARE\mystarttb
Key Found : HKLM\SOFTWARE\PriceMeterLiveUpdate
Key Found : HKLM\SOFTWARE\simplitec
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKLM\SOFTWARE\GAMESDESKTOP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6ECB650E-8177-CC04-71B4-6BE3CD063758
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_re_004010007_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_re_004010007_is1
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OLBPre
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\internetspeedtracker.dl.tb.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.snapdo.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\snapdo.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Web browsers ] *****

[C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : omniboxes
[C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : morphvox-voice-changer.en.softonic.com
[C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : feed.snapdo.com
[C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.omniboxes.com/webfavicon.ico
[C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : fcgnigmofekcllgbiejhmigggmgehkip
[C:\Users\JiĹ™Ă\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : inmpieponfdjfekdfdfgmhamccfddpfb

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [11518 bytes] ##########

PavlinQa1234 · Příspěvekod **PavlinQa1234** » 29 pro 2015 16:16

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29. 12. 2015
Čas skenování: 15:58:26
Protokol: 111.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.03.09.05
Databáze rootkitů: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: JiA?A

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 398900
Uplynulý čas: 15 min, 55 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.BitCoinMiner, C:\Windows\Inf\MSASGui.exe, 5856, , [8dec76cd0783c571a06873f96999be42]
PUP.Optional.GamesDesktop.A, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007\upgmsd_re_004010007.exe, 4060, , [e69366dd266471c51f652f698e7501ff]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 24
PUP.Optional.WebTInst.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\webTinstMKTN84, , [c4b589ba622848ee38e510988083aa56],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPlyLive, , [02773c07b6d489ad78f665a7a263d030],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, , [38413f042961b97d0d1b367fc043a45c],
PUP.Optional.MyStart.A, HKLM\SOFTWARE\WOW6432NODE\mystarttb, , [2851c47f6d1d4ceadd65bf09d2317090],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\PriceMeterLiveUpdate, , [3c3d261d098185b180158f2323e07c84],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gmsd_re_004010007_is1, , [a4d5a3a0c6c4bd79a1f814a1df247e82],
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, , [2752271c8efcd066fb7a38fff31208f8],
PUP.Optional.PriceMeter.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\PriceMeter, , [cdac8eb56a204fe7b0e4b632cb386898],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\TutoTag, , [5326ad964e3c0c2ab610b07d3fc6b54b],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\TUTORIALS\updatetutorialeshp, , [83f64300fc8e5dd9bf33f0bae81b8e72],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\TUTORIALS\updatetutorialshp, , [8beedc6734568fa75f9404a64cb715eb],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\TUTORIALS\updv, , [493096ad3d4d4de942b229816b9824dc],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}\INPROCSERVER32, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{694F0491-E01F-73DD-CC36-B57AF87952E4}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{038FFA2B-9457-797D-7CF8-1F568D8F93F2}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{694F0491-E01F-73DD-CC36-B57AF87952E4}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{694F0491-E01F-73DD-CC36-B57AF87952E4}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],
PUP.Optional.CheckMeUp.A, HKU\S-1-5-21-2140061879-4247313515-970661719-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5A31488E-DAF4-EDDA-DA38-6E056E4A093B}, , [bfbac380d4b6b185bd25cd1bac59da26],

Hodnoty registru: 4
PUP.Optional.Zaxar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ZaxarLoader, "C:\Program Files (x86)\Zaxar\ZaxarLoader.exe" /verysilent, , [f48549fa1476e94da7ed39a12fd427d9]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_re_004010007, "C:\Program Files (x86)\gmsd_re_004010007\gmsd_re_004010007.exe", , [473242015d2deb4b5349e9cce81b639d]
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 05A73FF9-6ED1-4F0D-844A-69EFB97B2B61, , [2752271c8efcd066fb7a38fff31208f8]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upgmsd_re_004010007.exe, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007\upgmsd_re_004010007.exe -runonce, , [e69366dd266471c51f652f698e7501ff]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 10
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\bitstreams, , [5f1a40035c2e241208ae81eac14210f0],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceFountain.A, C:\Users\JiA?A\AppData\Local\PriceFountain, , [9edb083bddadda5ced89d2bb60a36b95],
PUP.Optional.PriceFountain.A, C:\Users\JiA?A\AppData\Local\PriceFountain\logs, , [9edb083bddadda5ced89d2bb60a36b95],
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP, , [d2a789bafa90d4624c37acecd82bbc44],
PUP.Optional.GamesDesktop.A, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007, , [e69366dd266471c51f652f698e7501ff],
PUP.Optional.GamesDesktop.A, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007\Download, , [e69366dd266471c51f652f698e7501ff],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007, , [4d2c64df8208fb3bf78e47517c87e020],

Soubory: 211
PUP.BitCoinMiner, C:\Windows\Inf\MSASGui.exe, , [8dec76cd0783c571a06873f96999be42],
Trojan.Agent, C:\Users\JiA?A\Downloads\counter-strike-1.6-parachute-speed-hack-(desactive-anti-virus-for-work).rar, , [e594a3a01f6bb482d3d9421455abd32d],
Hacktool.CheatEngine, C:\Users\JiA?A\Downloads\Assassins Creed 4 Black Flag Trainer +14 V1.07 MrAntiFun.zip, , [5b1eab9858324bebeea17bbf738d20e0],
Trojan.Agent.H, C:\Users\JiA?A\Downloads\cd_hack.rar, , [dd9cc57e71192f076925eeb5a65cd52b],
Hacktool.CheatEngine, C:\Users\JiA?A\Downloads\Hitman_Absolution_V1.0.447.0_Trainer_plus4.zip, , [f08950f372185ed89bf43efcff0138c8],
PUP.Optional.MixVideoPlayer.A, C:\Users\JiA?A\AppData\Local\Setup Wizard\36a5d2d1-0628-4bd6-9b33-c0b0232b548f\mixvideoplayersetup.exe, , [f089cd761674f14582be9ed06d93d42c],
PUP.Optional.MixVideoPlayer.A, C:\Users\JiA?A\AppData\Local\Setup Wizard\45365fd2-5597-4689-a364-8607e00b2511\mixvideoplayersetup.exe, , [0574af94800adc5a3808432b98685ea2],
PUP.Optional.MyStartTB.A, C:\Users\JiA?A\AppData\Local\Setup Wizard\9a1c5b6d-83db-441a-bcd5-aee5cb905c9c\mystarttb_5.5.0.2_samba.exe, , [c8b1a79c65253006306c5d10e71a26da],
PUP.Optional.WebTInst.A, C:\Windows\System32\drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf, , [8eeb85beb7d31a1cdc407632a162b749],
PUP.Optional.WebTInst.A, C:\Windows\System32\drivers\webTinstMKTN84.sys, , [c4b589ba622848ee38e510988083aa56],
PUP.Optional.Patsearch.A, C:\Windows\patsearch.bin, , [b3c60b38abdf64d214fbffb030d335cb],
PUP.Optional.CheckMeUp.A, C:\Windows\Tasks\CheckMeUp Update.job, , [27527dc6503a7db921634b6bbf44867a],
PUP.Optional.CheckMeUp.A, C:\Windows\System32\Tasks\CheckMeUp Update, , [5f1a0340503ab680d8ad7a3c6d967e82],
PUP.Optional.MyPCBackup.A, C:\Users\JiA?A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk, , [ef8ab98af298ad89cbf033870ef5ea16],
PUP.Optional.MyPCBackup.A, C:\Users\JiA?A\Desktop\MyPC Backup.lnk, , [f485241ffc8e4aec6a52f5c56b9809f7],
PUP.Optional.PriceMeter.A, C:\Windows\System32\Tasks\pricemeterdownloader, , [90e92f145c2ebb7b2cdeca059a6957a9],
PUP.Optional.PriceMeter.A, C:\Windows\System32\Tasks\pricemetertask, , [3e3bd46f5f2b082e2bcb745e6d9614ec],
PUP.Optional.PriceMeter.A, C:\Windows\System32\Tasks\pricemeterwatcher, , [7dfc86bd563475c1ac4b2ea4b74cbb45],
Trojan.Agent.VBS, C:\Windows\SysWOW64\msstp.vbe, , [63162c17b0daf73f5971c22bc53ecb35],
PUP.Optional.ReMarkable.A, C:\Users\JiA?A\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, , [354499aab9d12d09edbb3bf4ae57619f],
PUP.Optional.ReMarkable.A, C:\Users\JiA?A\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, , [9fda1033692183b39d0b84ab48bd6d93],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\diablo130302.cl, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\diakgcn121016.cl, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libcurl-4.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libeay32.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libidn-11.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\librtmp.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libssh2.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\mnctkmtsc.exe, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\phatk121016.cl, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\poclbm130302.cl, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\scrypt130511.cl, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\ssleay32.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\zlib1.dll, , [5f1a40035c2e241208ae81eac14210f0],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [5f1a40035c2e241208ae81eac14210f0],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\cef.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\cfg.dat, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\console.log, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\devtools_resources.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\icudt.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\libcef.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\version.dat, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\am.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\am.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\am.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ar.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ar.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ar.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\bg.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\bg.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\bg.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\bn.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\bn.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\bn.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ca.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ca.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ca.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\cs.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\cs.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\cs.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\da.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\da.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\da.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\de.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\de.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\de.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\el.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\el.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\el.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\en-GB.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\en-GB.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\en-GB.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\en-US.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\en-US.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\en-US.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\es-419.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\es-419.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\es-419.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\es.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\es.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\es.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\et.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\et.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\et.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fa.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fa.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fa.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fi.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fi.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fi.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fil.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fil.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fil.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fr.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fr.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\fr.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\gu.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\gu.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\gu.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\he.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\he.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\he.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hi.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hi.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hi.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hr.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hr.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hr.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hu.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hu.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\hu.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\id.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\id.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\id.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\it.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\it.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\it.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ja.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ja.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ja.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\kn.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\kn.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\kn.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ko.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ko.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ko.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\lt.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\lt.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\lt.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\lv.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\lv.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\lv.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ml.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ml.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ml.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\mr.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\mr.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\mr.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ms.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ms.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ms.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\nb.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\nb.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\nb.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\nl.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\nl.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\nl.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pl.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pl.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pl.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pt-BR.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pt-BR.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pt-BR.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pt-PT.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pt-PT.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\pt-PT.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ro.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ro.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ro.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ru.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ru.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ru.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sk.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sk.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sk.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sl.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sl.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sl.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sr.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sr.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sr.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sv.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sv.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sv.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sw.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sw.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\sw.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ta.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ta.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\ta.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\te.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\te.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\te.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\th.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\th.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\th.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\tr.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\tr.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\tr.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\uk.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\uk.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\uk.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\vi.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\vi.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\vi.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\zh-CN.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\zh-CN.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\zh-CN.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\zh-TW.dll, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\zh-TW.dll.pdb, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceMeter.A, C:\Users\JiA?A\AppData\Local\PriceMeter\locales\zh-TW.pak, , [98e168dbd5b5df5723fa0c64cf348d73],
PUP.Optional.PriceFountain.A, C:\Users\JiA?A\AppData\Local\PriceFountain\logs\installation.log, , [9edb083bddadda5ced89d2bb60a36b95],
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk, , [d2a789bafa90d4624c37acecd82bbc44],
PUP.Optional.GamesDesktop.A, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007\upgmsd_re_004010007.cyl, , [e69366dd266471c51f652f698e7501ff],
PUP.Optional.GamesDesktop.A, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007\upgmsd_re_004010007.exe, , [e69366dd266471c51f652f698e7501ff],
PUP.Optional.GamesDesktop.A, C:\Users\JiA?A\AppData\Local\gmsd_re_004010007\Download\majmp_gentlerow.exe, , [e69366dd266471c51f652f698e7501ff],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007\gamesdesktop_widget.exe, , [4d2c64df8208fb3bf78e47517c87e020],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007\unins000.dat, , [4d2c64df8208fb3bf78e47517c87e020],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007\unins000.exe, , [4d2c64df8208fb3bf78e47517c87e020],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007\unins000.msg, , [4d2c64df8208fb3bf78e47517c87e020],
PUP.Optional.CheckMeUp.A, C:\Program Files (x86)\version09CheckMeUp\194_x64.dll, , [bfbac380d4b6b185bd25cd1bac59da26],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jerabina** » 29 pro 2015 23:28

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Pošahané prohlížeče

Pošahané prohlížeče

Re: Pošahané prohlížeče

Re: Pošahané prohlížeče

Re: Pošahané prohlížeče

Re: Pošahané prohlížeče

Re: Pošahané prohlížeče

Re: Pošahané prohlížeče

Kdo je online