Check and help with a laptop (Solved)


Post by joseee » 07 Apr 2014 21:47

Hi all, could you take a look at this log for me? The whole laptop is acting kind of fishy. Thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:16, on 7.4.2014
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\SYSTEM32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\SYSTEM32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Jana\AppData\Local\VNT\vntldr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Opera\opera.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=KMPV7c& ... 01-19&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60285
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60285
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60285
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60285
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: KMP Media Toolbar BHO - {4B4D5056-3763-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\KMPV7c\Passport.dll" (file missing)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - (no file)
O2 - BHO: (no name) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - (no file)
O3 - Toolbar: (no name) - {837CC356-411E-4654-B2A2-ECA1F037979F} - (no file)
O3 - Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
O3 - Toolbar: KMP Media Toolbar - {4B4D5056-3763-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\KMPV7c\Passport.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7164 bytes

Post by jaro3 » 08 Apr 2014 09:40

Install SP2!

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click „Prohledat-Scan“
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.


Post by joseee » 10 Apr 2014 09:23

# AdwCleaner v3.023 - Report created 10/04/2014 at 09:17:18
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium (32 bits)
# Username : Jana - JANA-PC
# Running from : C:\Users\Jana\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP

***** [ Files / Folders ] *****

File Found : C:\Windows\system32\roboot.exe
File Found : C:\Windows\System32\Tasks\LaunchApp
Folder Found C:\Program Files\24x7Help
Folder Found C:\Program Files\AskPartnerNetwork
Folder Found C:\Program Files\Common Files\Spigot
Folder Found C:\Program Files\Inbox.com
Folder Found C:\Program Files\Mail.Ru
Folder Found C:\Program Files\Mobogenie
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\RebateInformer
Folder Found C:\Program Files\WinZip Registry Optimizer
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\Windows\system32\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18882

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.search.ask.com/?tpid=KMPV7c& ... 01-19&psv=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://www.crawler.com/search/ie.aspx?tb_id=60285
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch] - hxxp://dnl.crawler.com/support/sa_custo ... TbId=60285
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://www.crawler.com/search/ie.aspx?tb_id=60285
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://dnl.crawler.com/support/sa_custo ... TbId=60285

-\\ Google Chrome v33.0.1750.154

*************************

AdwCleaner[R0].txt - [10158 octets] - [10/04/2014 09:17:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10219 octets] ##########

I'll add the anti-malware log in a moment.


Post by Orcus » 10 Apr 2014 11:01

The MBAM log as well. :smile:
Has SP2 been installed?


Post by joseee » 10 Apr 2014 14:54

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.4.2014
Scan Time: 14:52:57
Logfile: mm.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.10.03
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows Vista
CPU: x86
File System: NTFS
User: Jana

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 221592
Time Elapsed: 5 hr, 29 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 26

Registry Values: 2
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\INBOX.COM\SHARED\CSHARED.DLL, 1, , [8229ac7c99e256e08357751ad42fa55b]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2991936138-3323690184-2584990984-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, , [42690325df9c330329bce2a717ec24dc]

Registry Data: 0
(No malicious items detected)

Folders: 12

Files: 36

Physical Sectors: 0
(No malicious items detected)


(end)

joseee
Level 2.5
Posts: 265
Registered: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 10 Apr 2014 14:59

I didn't finish installing SP2; to tell the truth, I don't even know how.
PS: I've already downloaded SP2, but it requires SP1 first, so I'm downloading that now and we'll see whether I manage to install it.

joseee
Level 2.5
Posts: 265
Registered: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 10 Apr 2014 18:39

So during the SP1 installation it throws error 0x800F081F. I read that in this case you need to download and install the System Update Readiness Tool for Windows Vista.
I did that, and it went fine. Then I tried installing SP1 again, but I got the same error again. So now I don't know what to do next.

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by jaro3 » 10 Apr 2014 19:06

Manual installation of the SP2 update using the standalone installation package
http://windows.microsoft.com/cs-cz/wind ... pack-2-sp2

do that only after the malware cleanup..

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan click "Clean".

The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. Scanning may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

- Run MbAM again and choose Scan.
- When the program finishes, a message appears; click OK and then the Show Results button.
- Make sure all listed findings are checked and click the Remove Selected button.
- When the removal finishes, a log is displayed; post it here.
- Then choose OK in the program and close it via Exit.
You can then post the new MbAM log here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

joseee
Level 2.5
Posts: 265
Registered: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 10 Apr 2014 19:48

I'm trying the manual installation, which I downloaded exactly from the link you showed; anyway, OK, I'll wait for the malware cleanup.
So far the deletion in ADW has been done and I'm going to continue.
# AdwCleaner v3.023 - Report created 10/04/2014 at 19:36:54
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium (32 bits)
# Username : Jana - JANA-PC
# Running from : C:\Users\Jana\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files\24x7Help
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\Inbox.com
Folder Deleted : C:\Program Files\Mail.Ru
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\RebateInformer
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Windows\system32\AI_RecycleBin
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Windows\System32\Tasks\LaunchApp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0009EB2-05D8-477E-8AED-EF1B31ABCA7D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0009EB2-05D8-477E-8AED-EF1B31ABCA7D}
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server2
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\rebinfo
Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Smart PC Cleaner
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\systweak
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18882

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Google Chrome v34.0.1847.116

*************************

AdwCleaner[R0].txt - [10300 octets] - [10/04/2014 09:17:18]
AdwCleaner[R1].txt - [10361 octets] - [10/04/2014 19:35:13]
AdwCleaner[S0].txt - [10102 octets] - [10/04/2014 19:36:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10163 octets] ##########

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by memphisto » 10 Apr 2014 19:54

Please also post the rest (Mbam, Rogue and JRT).
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you.

joseee
Level 2.5
Posts: 265
Registered: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 10 Apr 2014 20:01

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Jana on źt 10.04.2014 at 19:51:11.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\wise registry cleaner schedule task.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Jana\AppData\Roaming\blekko"
Successfully deleted: [Folder] "C:\Users\Jana\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Users\Jana\appdata\locallow\conduit"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Jana\appdata\local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Folder] C:\Users\Jana\appdata\local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Folder] C:\Users\Jana\appdata\local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 10.04.2014 at 20:00:55.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

joseee
Level 2.5
Posts: 265
Registered: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 10 Apr 2014 20:30

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.4.2014
Scan Time: 20:29:07
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.10.03
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows Vista
CPU: x86
File System: NTFS
User: Jana

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 221727
Time Elapsed: 26 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-2991936138-3323690184-2584990984-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DCC39ACE-709B-44EA-B062-5F6BE2774644}, Quarantined, [15964adecdae79bd1b455db37c868b75],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Hacktool.Agent, C:\$RECYCLE.BIN\S-1-5-21-2991936138-3323690184-2584990984-1000\$RUOIE3P.rar, Quarantined, [d3d8e345a2d9ce688f9bff44fc05da26],
PUP.Optional.ASK.A, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "https://www.facebook.com/?ref=tn_tnmn", "https://www.google.com/intl/cs/chrome/browser/index.html#eula", "http://www.msn.com/?pc=UP97&ocid=UP97DHP", "http://www.search.ask.com/?tpid=KMPV7c&o=APN11363&pf=V7&trgb=CR&p2=Replaced,[7734ec3ce497c96db63ef056877dda26]EBA2Replaced,[7734ec3ce497c96db63ef056877dda26]EYYYYYYReplaced,[7734ec3ce497c96db63ef056877dda26]EYYReplaced,[7734ec3ce497c96db63ef056877dda26]ECZ&gct=hp&apn_ptnrs=Replaced,[7734ec3ce497c96db63ef056877dda26]EBA2&apn_dtid=Replaced,[7734ec3ce497c96db63ef056877dda26]EYYYYYYReplaced,[7734ec3ce497c96db63ef056877dda26]EYYReplaced,[7734ec3ce497c96db63ef056877dda26]ECZ&apn_dbr=cr_32.0.1700.76&apn_uid=25F9CCFE-7D86-45FF-83F3-EDA19AFCE6E1&itbv=12.10.0.3727&doi=2014-01-19&psv=" ],), Replaced,[7734ec3ce497c96db63ef056877dda26]

Physical Sectors: 0
(No malicious items detected)


(end)

