Rootkit: Hidden file

#1 Post by sapis »

Please help, my PC has started lagging unbelievably, so I opened Task Manager and there is about 50x "conhost.exe" (cannot be ended) and about 50x "nvstreamsvc.exe" (cannot be ended) - on the internet I found that this usually has something to do with a virus, so I ran a "Full system scan" (Avast Free Security) and it found 464x → Rootkit: Hidden file

All 464 files are in the folder C:\Windows\winsxs

Please advise, I don't know what to do (I'm good with PCs, but more with graphics, hardware and websites - viruses and software aren't my thing).

Thanks in advance for any advice :(

PS: I've added a screenshot from Avast

Attachment: viry 1 -avast.png (123.32 KiB)

#2 Post by vyosek »

Hello :)

→ Download aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe and save it to your desktop.
  • Run the utility and tell it to scan - click Scan
  • Click Save log to save the aswMBR log to your desktop
  • Paste the contents of the aswMBR log here
→ Download TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
  • After launching it, accept the licence terms (click Accept)
  • Click the Change parameters option
  • In the Additional Option window, tick all the options
  • Click OK
  • Tell the utility to scan - click Start Scan
  • When the scan finishes, a window will appear; check that Skip is selected everywhere
  • If Skip is not selected by default, change it to Skip
  • If everything is set to Skip, click Continue
  • On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt - paste its contents here
"Who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns a good time, take a whip and a stick to him; that is no man, that is an ox."
Member (image) since 1 February 2011.

#3 Post by sapis »

aswMBR.exe → it tells me it is not a valid Win32 application

PS: I guess I forgot to mention that I have a 32-bit OS

Please send a link to the 32-bit version - thank you.

#4 Post by vyosek »

aswMBR should work on all OS types, so carry on with TDSSKiller

#5 Post by sapis »

A moment ago I turned on the PC, ran the scan in Avast again and the PC is suddenly clean, but "conhost.exe" is still running 2x and CPU usage is constantly at 100% + every hour I get a message that "smp.exe" is not responding

PS: I don't understand where the viruses disappeared to → will you help, please :???:

#6 Post by vyosek »

→ It may have just been an error in the database, now fixed, and there are no more false detections for that Hidden File

→ I'd still like that TDSSKiller log, please

#7 Post by sapis »

After it finished, this popped up (what should I do with it):

Attachment: Bez názvu.png (63.85 KiB)

#8 Post by sapis »

So, will anyone advise me? :???: ?

PLS

#9 Post by vyosek »

→ TDSSKiller is OK

→ Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes has false detections, so paste the log into a post and wait for an assessment

#10 Post by sapis »

Here is the "log" from MBAM →

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.3.2014
Scan Time: 15:34:09
Logfile: Log.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.28.04
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: A apiA!

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351029
Time Elapsed: 57 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.GrabRez.A, C:\Program Files\GrabRez\bin\utilGrabRez.exe, 4444, , [6d371fe97dfede58cbaf8cc0b849f010]
PUP.Optional.ShopperPro.A, C:\Program Files\ShopperPro\JSDriver\1.30.1.149\jsdrv.exe, 3644, , [416320e8621931054d82efa14ab9a957]

Modules: 0
(No malicious items detected)

Registry Keys: 60

Registry Values: 4
Riskware.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AutoKMS, C:\Windows\AutoKMS.exe, , [8d17a86087f43ef8ed45a0015fa1ca36]
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files\ShopperPro\JSDriver\1.30.1.149\jsdrv.exe, , [416320e8621931054d82efa14ab9a957]
PUP.Optional.ShopperPro.A, HKU\S-1-5-21-3647992315-3541425724-1935701960-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files\ShopperPro\JSDriver\1.30.1.149\jsdrv.exe, , [416320e8621931054d82efa14ab9a957]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3647992315-3541425724-1935701960-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0M2P0U0F0B1O1O1G, , [6143ea1e0d6ebc7ab1993942689bf30d]

Registry Data: 0
(No malicious items detected)

Folders: 30

Files: 148
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\TntMagicDel.dll, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UnInjLib.dll, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UnInjLib64.dll, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UNINSTALL.TNT, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UninstallDlg.1.dll, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\untar.1.dll, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UPDATE.TNT, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\xpi.tar, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\zipunzip.1.dll, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Common\GameConsole.exe, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Common\pinnedSearch.htm, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\inst.ini, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\os10511.xml, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\PARTNER.1.TNT, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\partner.dat, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\runt.ini, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\yah10511.xml, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\icon.ico, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\inst.ini, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\os10889.xml, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\PARTNER.2.TNT, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\partner.dat, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\runt.ini, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\yah10889.xml, , [584cbe4a661578be761210400101c13f],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\TNT2UserPS.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\TNT2UserPS64.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\IEToolbar.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\IEToolbar64.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\ppshim.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\ppTNT2.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10511\passport.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10511\passport64.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10889\passport.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10889\passport64.dll, , [5a4a8d7b86f5e74f8603ed63a55dcb35],

Physical Sectors: 0
(No malicious items detected)


(end)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Rootkit: Hidden file

#11 Post by vyosek »

Delete all of MBAM's findings.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."

sapis
Level 5 - BAN
Posts: 29
Registered: 25 Mar 2014 18:35
Location: Strakonice

Re: Rootkit: Hidden file

#12 Post by sapis »

I was no longer home yesterday and did not delete them, because I left before you replied → today, when I got back, I ran it again and the "LOG" is different:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29.3.2014
Scan Time: 6:33:50
Logfile: Log2.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.28.04
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: A apiA!

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351477
Time Elapsed: 10 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.GrabRez.A, C:\Program Files\GrabRez\updateGrabRez.exe, 2240, , [3a6a8781d8a33cfa2357ca82c43df30d]
PUP.Optional.GrabRez.A, C:\Program Files\GrabRez\bin\utilGrabRez.exe, 2380, , [178dde2a36457fb77307e666b64bd030]
PUP.Optional.ShopperPro.A, C:\Program Files\ShopperPro\JSDriver\1.30.1.149\jsdrv.exe, 1116, , [376dce3a8af18fa7e8e7bdd32cd7df21]

Modules: 0
(No malicious items detected)

Registry Keys: 60

Registry Values: 4
Riskware.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AutoKMS, C:\Windows\AutoKMS.exe, , [564ec0482f4cd95d1121d0d1f50bfb05]
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files\ShopperPro\JSDriver\1.30.1.149\jsdrv.exe, , [376dce3a8af18fa7e8e7bdd32cd7df21]
PUP.Optional.ShopperPro.A, HKU\S-1-5-21-3647992315-3541425724-1935701960-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files\ShopperPro\JSDriver\1.30.1.149\jsdrv.exe, , [376dce3a8af18fa7e8e7bdd32cd7df21]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3647992315-3541425724-1935701960-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0M2P0U0F0B1O1O1G, , [e6bee0282358ae88ca80b8c3976cef11]

Registry Data: 0
(No malicious items detected)

Folders: 30

Files: 148
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\PARTNER.TNT, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\passport64.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\pinnedSearch.htm, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\pinnedSearch_FindWide.htm, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\ppshim.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\ppTNT2.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\progress.1.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\regsvr.1.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\RemoteSkin.wms, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\sqlite.1.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\tnt2chrome.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\TNT2User.exe, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\TNT2UserPS64.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\TntMagicDel.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UnInjLib.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UnInjLib64.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UNINSTALL.TNT, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UninstallDlg.1.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\untar.1.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\UPDATE.TNT, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\xpi.tar, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\2.0.0.1760\zipunzip.1.dll, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Common\GameConsole.exe, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Common\pinnedSearch.htm, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\inst.ini, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\os10511.xml, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\PARTNER.1.TNT, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\partner.dat, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\runt.ini, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10511\yah10511.xml, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\icon.ico, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\inst.ini, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\os10889.xml, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\PARTNER.2.TNT, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\partner.dat, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\runt.ini, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Users\A apiA!\AppData\Local\TNT2\Profiles\10889\yah10889.xml, , [1292050385f6102614744c043fc3629e],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\TNT2UserPS.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\TNT2UserPS64.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\IEToolbar.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\IEToolbar64.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\ppshim.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1760\ppTNT2.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10511\passport.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10511\passport64.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10889\passport.dll, , [881c8286eb9011254b3e75db62a06898],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10889\passport64.dll, , [881c8286eb9011254b3e75db62a06898],

Physical Sectors: 0
(No malicious items detected)


(end)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Rootkit: Hidden file

#13 Post by vyosek »

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; it may also be saved in the folder as c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

sapis
Level 5 - BAN
Posts: 29
Registered: 25 Mar 2014 18:35
Location: Strakonice

Re: Rootkit: Hidden file

#14 Post by sapis »

Sorry I didn't get in touch, but the problem is solved :D :closed:
Last edited by vyosek on 04 May 2014 13:17, edited 1 time in total.
Reason: Elimination of smileys, we're not on xchat!!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Rootkit: Hidden file

#15 Post by vyosek »

OK, locking the thread...

Locked