Hello
I have this problem
1: I don't know what has got into my computer again, but when I start it the core is 100% loaded and it stutters terribly; in a game where I used to get 150 fps I suddenly have 30
2: whenever I go online, about 2 minutes after I click anywhere some page, script or whatever shows up, and I have ads everywhere all the time (sooner than before) xD
Thanks in advance for any advice (or a check of the log)
Virus ?
Re: Virus ?
And where is the HJT log? Surely you got the instructions!?!
Permanent BAN for trolling and long-term disregard of the forum rules, duplicate accounts of this user: satam, peyrac10, wattmetr, gracia (posing as a woman), jamesbond, jamesbond1...
- newbie
- Posts: 31
- Registered: March 14
- Status: Offline
Re: Virus ?
I didn't get anything? This topic has been here 3 mins? :O
Re: Virus ?
It also takes a bit of thinking - the guide is in the link from SLospetr12 above; the exact link is here: viewtopic.php?t=5119
So make an effort.
- newbie
- Posts: 31
- Registered: March 14
- Status: Offline
Re: Virus ?
ok here it is:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:41:42, on 11.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Users\Z3 Plus\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Z3 Plus\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Verbatim\GREEN BUTTON\GREEN BUTTON.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=14875
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0050778 - {11111111-1111-1111-1111-110511071178} - C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Z3 Plus\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Z3 Plus\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [MKLOL] "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Z3 Plus\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Verbatim GREEN BUTTON.lnk = C:\Program Files (x86)\Verbatim\GREEN BUTTON\GREEN BUTTON.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files (x86)\PCData\StartHelp.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe
O23 - Service: Util SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9270 bytes
- jaro3
- member of the Security team
- Guru Level 15
- Posts: 43294
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Virus ?
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner (by Xplode)
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is otherwise saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- newbie
- Posts: 31
- Registered: March 14
- Status: Offline
Re: Virus ?
AdwCleaner
# AdwCleaner v3.021 - Report created 12/03/2014 at 16:38:40
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Z3 Plus - Z3PLUS-PC
# Running from : C:\Users\Z3 Plus\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : APNMCP
Service Found : MgAssistService
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\Z3 Plus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\Z3 Plus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Found : C:\Windows\System32\Tasks\AmiUpdXp
File Found : C:\Windows\System32\Tasks\GoforFilesUpdate
File Found : C:\Windows\System32\Tasks\Plus-HD-7.6-codedownloader
File Found : C:\Windows\System32\Tasks\Plus-HD-7.6-enabler
File Found : C:\Windows\System32\Tasks\Plus-HD-7.6-firefoxinstaller
File Found : C:\Windows\System32\Tasks\Plus-HD-7.6-updater
File Found : C:\Windows\Tasks\AmiUpdXp.job
File Found : C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job
File Found : C:\Windows\Tasks\Plus-HD-7.6-enabler.job
File Found : C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
File Found : C:\Windows\Tasks\Plus-HD-7.6-updater.job
Folder Found C:\Program Files (x86)\AskPartnerNetwork
Folder Found C:\Program Files (x86)\goforfiles
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\Plus-HD-7.6
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\Users\Z3 Plus\AppData\Local\genienext
Folder Found C:\Users\Z3 Plus\AppData\Local\Mobogenie
Folder Found C:\Users\Z3 Plus\AppData\Local\NativeMessaging
Folder Found C:\Users\Z3 Plus\AppData\Local\SwvUpdater
Folder Found C:\Users\Z3 Plus\AppData\LocalLow\Conduit
Folder Found C:\Users\Z3 Plus\AppData\Roaming\goforfiles
Folder Found C:\Users\Z3 Plus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found C:\Users\Z3 Plus\AppData\Roaming\newnext.me
Folder Found C:\Users\Z3 Plus\Documents\Mobogenie
Folder Found C:\Windows\SysWOW64\AI_RecycleBin
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Plus-HD-7.6
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071178}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoforFiles
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511071178}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544074478}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\Software\GoforFiles
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511071178}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.6
Key Found : HKLM\Software\Plus-HD-7.6
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511071178}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Z3 Plus\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : search_url
Found : suggest_url
*************************
AdwCleaner[R0].txt - [8530 octets] - [12/03/2014 16:38:40]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8590 octets] ##########
Re: Virus ?
malware
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.03.12.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Z3 Plus :: Z3PLUS-PC [administrátor]
Ochrana: Povolena
12.3.2014 17:12:09
MBAM-log-2014-03-12 (17-21-49).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 212824
Uplynulý čas: 3 minut, 26 sekund
Nalezené procesy v paměti: 3
C:\Program Files (x86)\PCData\minerd.exe (Riskware.BitcoinMiner) -> 612 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe (PUP.Optional.SerialTrunc.A) -> 3084 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe (PUP.Optional.SerialTrunc.A) -> 3512 -> Nebyla provedena žádná instrukce.
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 29
HKLM\SYSTEM\CurrentControlSet\Services\Update SerialTrunc (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\Util SerialTrunc (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{44444444-4444-4444-4444-440544074478} (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{55555555-5555-5555-5555-550555075578} (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0050778.BHO.1 (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76B4F24-4A2F-4E65-AD36-E2AA934E547C} (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0050778.BHO (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0050778.Sandbox (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0050778.Sandbox.1 (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\SerialTrunc (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\Software\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
HKLM\Software\SerialTrunc (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 6
C:\Program Files (x86)\SerialTrunc (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\plugins (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Users\Z3 Plus\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Z3 Plus\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 36
C:\Program Files (x86)\PCData\minerd.exe (Riskware.BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho.dll (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Users\Z3 Plus\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\SerialTrunc.ico (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\7za.exe (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\SerialTruncUninstall.exe (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.InstallState (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\SerialTrunc.BrowserFilter.Helper.dll (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\SerialTrunc.BrowserFilter.Helper.dll.old.2f9e9089-f90c-43f0-acbe-37b3868b0737 (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\SerialTruncBrowserFilter.exe (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.InstallState (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.BrowserFilter.dll (PUP.Optional.SerialTrunc.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\Plus-HD-7.6-enabler.job (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\Plus-HD-7.6-updater.job (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\Plus-HD-7.6-validator.job (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\50778.crx (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\50778.xpi (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\background.html (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Installer.log (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bg.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho64.dll (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-enabler.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-updater.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-validator.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6.ico (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\Uninstall.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Plus-HD-7.6\utils.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\Users\Z3 Plus\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Z3 Plus\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
(konec)
Re: Virus ?
And should I delete it from that cleaner?
- jaro3
- Security team member
- Guru Level 15
- Posts: 43294
- Registered: June 07
- Location: South Bohemia
Re: Virus ?
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Vymazat-Clean".
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download Junkware Removal Tool by Thisisu
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.
- Run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the "Show Results" button
- make sure all listed findings are ticked and click the "Remove Selected" button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit
You can then post the new MbAM log here.
Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Check MBR
Check Faked
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
- newbie
- Posts: 31
- Registered: March 14
- Gender:
- Status:
Offline
Re: Virus ?
Adw:
# AdwCleaner v3.021 - Report created 12/03/2014 at 20:00:32
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Z3 Plus - Z3PLUS-PC
# Running from : C:\Users\Z3 Plus\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
Service Deleted : MgAssistService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\goforfiles
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\Plus-HD-7.6
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\Z3 Plus\AppData\Local\genienext
Folder Deleted : C:\Users\Z3 Plus\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Z3 Plus\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Z3 Plus\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Z3 Plus\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Z3 Plus\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Z3 Plus\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Z3 Plus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Z3 Plus\Documents\Mobogenie
File Deleted : C:\END
File Deleted : C:\Users\Z3 Plus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Z3 Plus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate
File Deleted : C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-7.6-codedownloader
File Deleted : C:\Windows\Tasks\Plus-HD-7.6-enabler.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-7.6-enabler
File Deleted : C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-7.6-firefoxinstaller
File Deleted : C:\Windows\Tasks\Plus-HD-7.6-updater.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-7.6-updater
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511071178}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544074478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071178}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511071178}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511071178}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-7.6
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\Plus-HD-7.6
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoforFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.6
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Z3 Plus\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : search_url
Deleted : suggest_url
*************************
AdwCleaner[R0].txt - [8750 octets] - [12/03/2014 16:38:40]
AdwCleaner[R1].txt - [8808 octets] - [12/03/2014 19:54:57]
AdwCleaner[S0].txt - [7683 octets] - [12/03/2014 20:00:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7743 octets] ##########
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43294
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: Virus ?
And the rest?