jeden můj kolega byl napaden ransomwarem aka cryptolocker.
Vzhledem k jeho geolokaci a počítačové gramotnosti nejspíše nebude možné dostat log přes RSIT či FRST.
Přikládám log z AntiMalware Bytes a zajímalo by mne jak je možné zašifrovaná data dešifrovat.
Děkuji předem za odpověď.
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Scan Date: 03/01/2015
Scan Time: 15:14:59
Logfile: file.txt
Administrator: No
Version: 2.00.4.1028
Malware Database: v2015.02.01.06
Rootkit Database: v2015.02.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: uzivatel
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 322980
Time Elapsed: 18 min, 23 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 10
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-10.exe, 5196, , [65a171cd9edefa3c3cf7522f867f17e9]
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.20\OptProSmartScan.exe, 5700, , [1bebf34b7507df578c9ddb670ff2639d]
Trojan.FakeMoz.ED, C:\Users\uzivatel\AppData\Local\{CB18E376-283D-C45B-9501-710474D3FB4B}\syshost.exe, 5180, , [9472e559bac262d4420c15cd12ef837d]
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3-bg.exe, 7636, , [32d44df158246ec800336f12927345bb]
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage\VOPackage.exe, 6900, , [59adc876e6962e0847e06ed108fbfa06]
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage\VOsrv.exe, 2484, , [59adc876e6962e0847e06ed108fbfa06]
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\Q5SpeedCheckerQ64.exe, 5332, , [b0564ef04735b284486bea4557acb34d]
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\SpeedChecker.exe, 5824, , [b0564ef04735b284486bea4557acb34d]
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd\CASrv.exe, 2452, , [fe085ee099e335012b496fc43ac9fb05]
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd\ConvertAd.exe, 6636, , [fe085ee099e335012b496fc43ac9fb05]
Modules: 2
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3-bho.dll, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\184.dll, , [b0564ef04735b284486bea4557acb34d],
Registry Keys: 70
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644084496}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655085596}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666086696}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655085596}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666086696}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644084496}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0060896.BHO.1, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0060896.BHO, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0060896.BHO, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0060896.BHO.1, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622082296}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0060896.Sandbox.1, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0060896.Sandbox, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0060896.Sandbox, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0060896.Sandbox.1, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622082296}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611081196}\INPROCSERVER32, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110611081196}, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.VOPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\servervo, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [ca3c44fac3b98da9e7e384e546bd9967],
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\Cinema-Plus-1.3, , [9076043a0f6d38fe341b7acf28db45bb],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [17ef96a894e804321cb81c320201728e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, , [d234fb439be19f978c3e9acf07fcac54],
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Cinema-Plus-1.3, , [4eb883bb85f771c579d7e168966dd22e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [e521c579700c51e5e353525d8e762cd4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [f313112de6968fa752e5139c55afcb35],
PUP.Optional.CinemaPlus, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Cinema-Plus-1.3, , [64a275c9631945f1054c2227a162d12f],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, , [14f26fcfd3a94aec3f2af7b8da2a7789],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Cinema-Plus-1.3, , [6c9a8eb08af286b06fe277d2b74c8878],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [71952f0f4f2dcb6b1f50d9c79074a55b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [1ee8d46a4636ec4a86176bd7df2414ec],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\CinemaHD, , [b650e856a7d526108643f34b72910df3],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [bf4770ce9fdd1b1b4c514d05f0137c84],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5A2137E9-2D92-F012-1876-8EC1B921069A}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{38691095-2C82-E484-5D3B-F1F1FCB765EE}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{38691095-2C82-E484-5D3B-F1F1FCB765EE}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5A2137E9-2D92-F012-1876-8EC1B921069A}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\CLASSES\CLSID\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\CLASSES\CLSID\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}\INPROCSERVER32, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D49F12C5-19D9-CF62-A790-A5FF2D7019BB}, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\EB2F6D3A-E4DD-3848-9134-82670627AB0F, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.ConvertAd.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\serverca, , [fe085ee099e335012b496fc43ac9fb05],
PUP.Optional.ConvertAd.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ConvertAd, , [fe085ee099e335012b496fc43ac9fb05],
Registry Values: 3
Trojan.FakeMoz.ED, HKU\S-1-5-21-1343024091-1580818891-682003330-77912-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|syshost32, C:\Users\uzivatel\AppData\Local\{CB18E376-283D-C45B-9501-710474D3FB4B}\syshost.exe, , [9472e559bac262d4420c15cd12ef837d]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [17ef96a894e804321cb81c320201728e]
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\uzivatel\AppData\Roaming\VOPackage\uninstall.exe", , [679f90aeabd19a9c56ddb8969a69e917]
Registry Data: 0
(No malicious items detected)
Folders: 13
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.VOPackage, C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [010550eefe7ee1556cc893bb3bc8bc44],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{18B38EA5-ECD5-4C04-96D5-550B89DD16F0}, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\x64, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd, , [fe085ee099e335012b496fc43ac9fb05],
Files: 97
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-10.exe, , [65a171cd9edefa3c3cf7522f867f17e9],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.20\OptProSmartScan.exe, , [1bebf34b7507df578c9ddb670ff2639d],
Trojan.FakeMoz.ED, C:\Users\uzivatel\AppData\Local\{CB18E376-283D-C45B-9501-710474D3FB4B}\syshost.exe, , [9472e559bac262d4420c15cd12ef837d],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3-bho.dll, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3-bho64.dll, , [22e47bc3a4d80f27da5909785ea7be42],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3-bg.exe, , [32d44df158246ec800336f12927345bb],
Trojan.Agent.FSAVXGen, C:\Users\uzivatel\AppData\Roaming\ScanDisc.exe, , [3ec887b7ea92d2643d39c9ca7f821ee2],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3-codedownloader.exe, , [fc0a6ad41666da5ce251275a9a6be51b],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-11.exe, , [4eb875c9fb81e74f2d3c9abb20e08977],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-2.exe, , [0303043a94e8ea4c042f1869dd2843bd],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-3.exe, , [47bfc37b6d0fce680663ce874bb53ec2],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-4.exe, , [2adc93ab95e7fb3b979c9ae7ee17758b],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218-5.exe, , [aa5c62dc413b0f272211ef9254b1e31d],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinema-Plus-1.3\utils.exe, , [9e68142a87f5d95dca6ab19b8b75857b],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.20\OptProSchedule.exe, , [a36399a50676f442a1870141c14050b0],
Trojan.Agent.FSAVXGen, C:\Users\uzivatel\AppData\Local\Temp\1366.tmp, , [f6103fff384474c29bdb5241e021758b],
Trojan.FakeMoz.ED, C:\Users\uzivatel\AppData\Local\Temp\2ed7355.tmp, , [af570d312a526fc7fb538e54a25f9a66],
Trojan.Agent.FSAVXGen, C:\Users\uzivatel\AppData\Local\Temp\E31E.tmp, , [27df1529a4d82610a7cf9bf8f908ca36],
PUP.Optional.CrossRider, C:\Users\uzivatel\AppData\Local\Temp\n1327\hqvideo_IT_1107-8336371a.exe, , [f90d8cb2285476c0642d278f37ca629e],
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage\Uninstall.exe, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage\runasu.exe, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage\VOPackage.exe, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.VOPackage.A, C:\Users\uzivatel\AppData\Roaming\VOPackage\VOsrv.exe, , [59adc876e6962e0847e06ed108fbfa06],
PUP.Optional.SpeedChecker.A, C:\Windows\Tasks\SpeedChecker Update.job, , [bd490d31364601351844350db2518b75],
PUP.Optional.SpeedChecker.A, C:\Windows\System32\Tasks\SpeedChecker Update, , [9f67f84669130a2cee6f9fa3d62d56aa],
PUP.Optional.VOPackage, C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [010550eefe7ee1556cc893bb3bc8bc44],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-1, , [5fa796a81b6110269f30ee60de25827e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-10, , [5ea876c8fa8284b2a22d6ee0ec17d12f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-11, , [c14594aa95e7320459764c0240c34fb1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-2, , [b84edd61a6d6fb3b339cf35b8b780000],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-3, , [0501b28c4b31eb4bae212e20a16256aa],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-4, , [30d6c17d83f9fa3c3e91c886c04336ca],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-5, , [bf478cb2720a5cda9b348ac4b152e51b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3277556-9813-4717-8083-c5246d146218-5_user, , [2adc67d7afcd74c2d5fa1638f90a9a66],
Trojan.Agent, C:\Users\uzivatel\AppData\Local\Temp\1387644.exe, , [12f43d015a226fc7171b652c27dcd22e],
Trojan.Agent, C:\Users\uzivatel\AppData\Local\Temp\1731798.exe, , [15f13b036f0dcd6985add0c147bc41bf],
Trojan.Agent, C:\Users\uzivatel\AppData\Local\Temp\5323190.exe, , [56b085b9d2aa77bfff33fa97c73c946c],
Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 2792877801.job, , [6a9cf34ba6d623133e0e9eda92722fd1],
Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 566327350.job, , [ad596ed00a727db93f0d5721b94b41bf],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-1.job, , [ac5a84ba700c2d098844fcb00ef6827e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-10.job, , [4eb839052953ce684c80892331d3847c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-11.job, , [30d6b6888eeeb87eddef7b317c88a25e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-2.job, , [ad59fe40245886b0b11b684453b1db25],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-3.job, , [0cfa4ef0027a9a9c4488b5f70afa32ce],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-4.job, , [31d52f0f087444f20bc13a72dc2854ac],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-5.job, , [d72f85b9ceaef73f3c905c50ca3a40c0],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d3277556-9813-4717-8083-c5246d146218-5_user.job, , [65a139054834a492517b9a1229db9070],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [a75fa39b96e6a59142a04b6194702bd5],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [9373c876cdaff6404e95327a54b032ce],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [ee1886b85f1d92a4f0f4c7e50301bb45],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [976f6bd3295364d2e9fc7b3155af619f],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\1293297481.mxaddon, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\360-60896.crx, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\60896.crx, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\60896.xpi, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\background.html, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Cinema-Plus-1.3.ico, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\d3277556-9813-4717-8083-c5246d146218.crx, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinema-Plus-1.3\Uninstall.exe, , [dd2970ce0b712b0b37dffd2507fc54ac],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [21e517279ce0092d3b20ab777a8902fe],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\GoogleCrashHandler.exe, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\GoogleUpdate.exe, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\GoogleUpdateBroker.exe, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\GoogleUpdateHelper.msi, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\GoogleUpdateOnDemand.exe, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\goopdate.dll, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\goopdateres_en.dll, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\npGoogleUpdate4.dll, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\psmachine.dll, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.GlobalUpdate.A, C:\Users\uzivatel\AppData\Local\Temp\comh.386559\psuser.dll, , [a660ba84c8b47eb865121e04fe051ae6],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\184.dat, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\184.dll, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\184_x64.dll, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\184.xpi, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\Q5SpeedCheckerQ64.dll, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\Q5SpeedCheckerQ64.exe, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\SpeedChecker.exe, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\sqlite3.dll, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\Uninstall.exe, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\x64\TandemRunner.exe, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\x64\WdfCoInstaller01009.dll, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\x64\webinstr.inf, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.SpeedChecker.A, C:\Program Files (x86)\ver5SpeedChecker\x64\webinstrNewH.sys, , [b0564ef04735b284486bea4557acb34d],
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd\carunasu.exe, , [fe085ee099e335012b496fc43ac9fb05],
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd\CASrv.exe, , [fe085ee099e335012b496fc43ac9fb05],
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd\ConvertAd.exe, , [fe085ee099e335012b496fc43ac9fb05],
PUP.Optional.ConvertAd.A, C:\Users\uzivatel\AppData\Local\ConvertAd\Uninstall.exe, , [fe085ee099e335012b496fc43ac9fb05],
Physical Sectors: 0
(No malicious items detected)
(end)
tento typ haveti - zasifrovane souboy - nelze resit na foru - je treba aby se na to odbornik podival tzv. zive, napr. pres vzdalene pripojeni a dle toho pak zvolil pripadny zpusob obnovy souboru...
Přispějete na provoz fóra?