Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 04 Jul 2017 09:20

The next one as well.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

prakumba
newcomer
Posts: 47
Registered: January 16
Location: Prague
Gender: Male
Status: Offline

Re: Please check my log

Post by prakumba » 06 Jul 2017 09:00

2017-07-06 02:31:36.264 Sophos Virus Removal Tool version 2.6.1
2017-07-06 02:31:36.264 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-07-06 02:31:36.264 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-07-06 02:31:36.264 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
2017-07-06 02:31:36.269 Checking for updates...
2017-07-06 02:31:36.365 Update progress: proxy server not available
2017-07-06 02:31:46.227 Option all = no
2017-07-06 02:31:46.227 Option recurse = yes
2017-07-06 02:31:46.227 Option archive = no
2017-07-06 02:31:46.227 Option service = yes
2017-07-06 02:31:46.227 Option confirm = yes
2017-07-06 02:31:46.227 Option sxl = yes
2017-07-06 02:31:46.229 Option max-data-age = 35
2017-07-06 02:31:46.229 Option vdl-logging = yes
2017-07-06 02:31:46.235 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-07-06 02:31:46.236 Machine ID: 9ba7d6f894d64452b9e58b514a96840f
2017-07-06 02:31:46.244 Component SVRTcli.exe version 2.6.1
2017-07-06 02:31:46.244 Component control.dll version 2.6.1
2017-07-06 02:31:46.244 Component SVRTservice.exe version 2.6.1
2017-07-06 02:31:46.245 Component engine\osdp.dll version 1.44.1.2286
2017-07-06 02:31:46.245 Component engine\veex.dll version 3.68.6.2286
2017-07-06 02:31:46.245 Component engine\savi.dll version 9.0.7.2286
2017-07-06 02:31:46.246 Component rkdisk.dll version 1.5.31.1
2017-07-06 02:31:46.246 Version info: Product version 2.6.1
2017-07-06 02:31:46.246 Version info: Detection engine 3.68.6
2017-07-06 02:31:46.246 Version info: Detection data 5.40
2017-07-06 02:31:46.247 Version info: Build date 30.5.2017
2017-07-06 02:31:46.247 Version info: Data files added 313
2017-07-06 02:31:46.247 Version info: Last successful update (not yet updated)
2017-07-06 02:32:06.435 Downloading updates...
2017-07-06 02:32:06.437 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-07-06 02:32:06.437 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-06 02:32:06.437 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-06 02:32:06.437 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-07-06 02:32:06.437 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-07-06 02:32:06.437 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-07-06 02:32:06.437 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-07-06 02:32:06.437 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-07-06 02:32:06.437 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-06 02:32:07.222 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-07-06 02:32:07.222 Update progress: [I19463] Product download size 166581621 bytes
2017-07-06 02:32:14.062 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-07-06 02:32:14.063 Update progress: [I19463] Product download size 2265483 bytes
2017-07-06 02:32:14.989 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-07-06 02:32:14.989 Update progress: [I19463] Product download size 2018230 bytes
2017-07-06 02:32:15.316 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-07-06 02:32:15.316 Update progress: [I19463] Product download size 668883 bytes
2017-07-06 02:32:15.473 Installing updates...
2017-07-06 02:32:16.077 Error level 1
2017-07-06 02:32:21.267 Update successful
2017-07-06 02:32:32.442 Option all = no
2017-07-06 02:32:32.443 Option recurse = yes
2017-07-06 02:32:32.443 Option archive = no
2017-07-06 02:32:32.443 Option service = yes
2017-07-06 02:32:32.443 Option confirm = yes
2017-07-06 02:32:32.443 Option sxl = yes
2017-07-06 02:32:32.445 Option max-data-age = 35
2017-07-06 02:32:32.445 Option vdl-logging = yes
2017-07-06 02:32:32.452 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-07-06 02:32:32.452 Machine ID: 9ba7d6f894d64452b9e58b514a96840f
2017-07-06 02:32:32.465 Component SVRTcli.exe version 2.6.1
2017-07-06 02:32:32.465 Component control.dll version 2.6.1
2017-07-06 02:32:32.465 Component SVRTservice.exe version 2.6.1
2017-07-06 02:32:32.465 Component engine\osdp.dll version 1.44.1.2286
2017-07-06 02:32:32.466 Component engine\veex.dll version 3.68.6.2286
2017-07-06 02:32:32.466 Component engine\savi.dll version 9.0.7.2286
2017-07-06 02:32:32.467 Component rkdisk.dll version 1.5.31.1
2017-07-06 02:32:32.467 Version info: Product version 2.6.1
2017-07-06 02:32:32.467 Version info: Detection engine 3.68.6
2017-07-06 02:32:32.467 Version info: Detection data 5.40
2017-07-06 02:32:32.467 Version info: Build date 30.5.2017
2017-07-06 02:32:32.467 Version info: Data files added 314
2017-07-06 02:32:32.467 Version info: Last successful update 6.7.2017 4:32:21

2017-07-06 03:03:41.605 Could not open C:\Boot\BCD
2017-07-06 03:03:46.233 Could not open C:\hiberfil.sys
2017-07-06 03:04:19.138 Could not open C:\pagefile.sys
2017-07-06 03:12:10.210 >>> Virus 'Mal/Generic-S' found in file C:\Program Files (x86)\Microsoft Studios\Forza Horizon 3\OpusDev\LaunchFinal.exe
2017-07-06 03:12:10.210 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 03:12:10.211 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 03:13:36.952 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-06 03:13:36.953 Could not open C:\System Volume Information\{652fefb4-607d-11e7-b9ec-1c6f65917c50}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-06 03:13:36.953 Could not open C:\System Volume Information\{652fefb8-607d-11e7-b9ec-1c6f65917c50}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-06 03:13:36.953 Could not open C:\System Volume Information\{652fefcb-607d-11e7-b9ec-1c6f65917c50}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-06 03:13:36.954 Could not open C:\System Volume Information\{652ff095-607d-11e7-b9ec-1c6f65917c50}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-06 03:14:42.138 Could not open C:\Users\troyssd\AppData\Roaming\Opera Software\Opera Stable\Current Session
2017-07-06 03:15:55.993 >>> Virus 'Mal/Generic-S' found in file C:\Users\troyssd\Downloads\Recuva-1.53.1087-PROFESSIONL+-crack\Recuva 1.53.1087 PROFESSIONL+ crack.exe
2017-07-06 03:15:55.994 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 03:15:55.994 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 03:21:16.403 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-07-06 03:21:16.404 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-07-06 03:21:18.181 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-07-06 03:21:18.183 Could not open C:\Windows\System32\config\RegBack\SAM
2017-07-06 03:21:18.184 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-07-06 03:21:18.186 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-07-06 03:21:18.187 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-07-06 03:37:39.618 >>> Virus 'Mal/Packer' found in file E:\DISK c\downloads\Trapcode-3D-Stroke-2.0.4\trapcode.multikeygen.v1.1.exe
2017-07-06 03:37:39.619 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 03:37:39.620 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 05:13:55.849 >>> Virus 'Mal/VMProtBad-A' found in file E:\Users\troy2\Documents\Downloads\Need-for-Speed-Most-Wanted-2012-CZ\Need for Speed Most Wanted 2012 CZ\Crack\NFS13.exe
2017-07-06 05:13:55.850 >>> Virus 'Mal/VMProtBad-A' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 05:13:55.851 >>> Virus 'Mal/VMProtBad-A' found in file HKU\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-07-06 06:02:45.662 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-1000x200.html
2017-07-06 06:02:45.668 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-120x600.html
2017-07-06 06:02:45.674 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-160x600.html
2017-07-06 06:02:45.681 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-300x250.html
2017-07-06 06:02:45.686 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-300x300.html
2017-07-06 06:02:45.690 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-300x600.html
2017-07-06 06:02:45.694 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-480x300.html
2017-07-06 06:02:45.697 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-490x310.html
2017-07-06 06:02:45.701 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-960x300.html
2017-07-06 06:02:45.705 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-970x210.html
2017-07-06 06:02:45.708 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\html\stara-myslivecka-970x90.html
2017-07-06 06:02:45.720 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-120x600.jpg
2017-07-06 06:02:45.723 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-160x600.jpg
2017-07-06 06:02:45.726 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-300x250.jpg
2017-07-06 06:02:45.731 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-300x300.jpg
2017-07-06 06:02:45.734 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-480x300.jpg
2017-07-06 06:02:45.737 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-490x310.jpg
2017-07-06 06:02:45.741 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-960x300.jpg
2017-07-06 06:02:45.745 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-970x210.jpg
2017-07-06 06:02:45.748 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-970x90.jpg
2017-07-06 06:02:45.751 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-990x100.jpg
2017-07-06 06:02:45.755 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\jpg\stara-myslivecka-prava-strana-120x600.jpg
2017-07-06 06:02:45.761 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-120x600.swf
2017-07-06 06:02:45.765 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-160x600.swf
2017-07-06 06:02:45.769 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-300x250.swf
2017-07-06 06:02:45.772 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-300x300.swf
2017-07-06 06:02:45.776 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-300x600.swf
2017-07-06 06:02:45.779 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-480x300.swf
2017-07-06 06:02:45.783 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-490x310.swf
2017-07-06 06:02:45.786 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-960x300.swf
2017-07-06 06:02:45.790 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-970x210.swf
2017-07-06 06:02:45.793 Could not open G:\DOKUMENTY ZALOHA NOTEBOOK\stara záloha\11_ÚČETNICTVÍ A KLIENTI TAP PRODUCTION\Klienti prochlapy\all09\swf\stara-myslivecka-970x90.swf
2017-07-06 06:55:49.233 The following items will be cleaned up:
2017-07-06 06:55:49.233 Mal/Generic-S
2017-07-06 06:55:49.233 Mal/Packer
2017-07-06 06:55:49.233 Mal/VMProtBad-A


Re: Please check my log

Post by prakumba » 06 Jul 2017 09:10

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Professional x64
Ran by troyssd (Administrator) on źt 06.07.2017 at 9:06:39,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 17

Failed to delete: C:\Program Files (x86)\driver-soft (Folder)
Successfully deleted: C:\ProgramData\drivergenius (Folder)
Successfully deleted: C:\ProgramData\esellerate (Folder)
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\troyssd\AppData\Local\{0F376500-DFBE-47DE-A1F0-B86761A82BF2} (Empty Folder)
Successfully deleted: C:\Users\troyssd\AppData\Roaming\Mozilla\Firefox\Profiles\vqlcwanp.default\yasearch-xb\packages\{1341d4f6-66ed-4763-a712-e32b52b7e68a}\mailru.xml (File)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (troyssd) (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_Install_troyssd (Task)
Successfully deleted: C:\Users\troyssd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23YZXPGD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\troyssd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\738OKT8W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\troyssd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITACTJ8F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\troyssd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0T6XYWL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23YZXPGD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\738OKT8W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITACTJ8F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0T6XYWL (Temporary Internet Files Folder)

Deleted the following from C:\Users\troyssd\AppData\Roaming\Mozilla\Firefox\Profiles\vqlcwanp.default\prefs.js
user_pref(distribution.yandex.bookmarksProcessed, true);
user_pref(extensions.installedDistroAddon.vb@yandex.ru, true);
user_pref(extensions.installedDistroAddon.yasearch@yandex.ru, true);
user_pref(extensions.vb@yandex.ru.sdk.baseURI, resource://vb-at-yandex-dot-ru/);
user_pref(extensions.vb@yandex.ru.sdk.domain, vb-at-yandex-dot-ru);
user_pref(extensions.vb@yandex.ru.sdk.load.reason, install);
user_pref(extensions.vb@yandex.ru.sdk.rootURI, jar:file:///C:/Users/troyssd/AppData/Roaming/Mozilla/Firefox/Profiles/vqlcwanp.default/extensions/vb@yandex.ru.xpi!/);
user_pref(extensions.vb@yandex.ru.sdk.version, 2.31.6);
user_pref(extensions.vb@yandex.ru.stat.usage.send, false);
user_pref(extensions.xpiState, {\app-profile\:{\vb@yandex.ru\:{\d\:\C:\\\\Users\\\\troyssd\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vqlcwanp.defaul
user_pref(extensions.yasearch@yandex.ru.autoinstall.activated, [\hxxp://bar.yandex.ru/packages/yandexbar#logo\,\hxxp://bar.yandex.ru/packages/yandexbar#mail\,\hxxp://b
user_pref(extensions.yasearch@yandex.ru.branding.lastupdate, 1482402032);
user_pref(extensions.yasearch@yandex.ru.creator, Яндекс);
user_pref(extensions.yasearch@yandex.ru.daylyaddonstat.collect, 1490510326);
user_pref(extensions.yasearch@yandex.ru.defender.homepage.changes, 0|0|0);
user_pref(extensions.yasearch@yandex.ru.defender.homepage.enabled, true);
user_pref(extensions.yasearch@yandex.ru.defender. ... .protected, hxxp://www.yandex.ru/?clid=2039341);
user_pref(extensions.yasearch@yandex.ru.description, Быстрый доступ ко всем возможностям Яндекса);
user_pref(extensions.yasearch@yandex.ru.general.install.time, 1490510320);
user_pref(extensions.yasearch@yandex.ru.guid.value, {5dba055c-d857-4b1d-9b64-2303fb2fe012});
user_pref(extensions.yasearch@yandex.ru.homepageURL, hxxps://element.yandex.ru);
user_pref(extensions.yasearch@yandex.ru.license.accepted, true);
user_pref(extensions.yasearch@yandex.ru.name, Элементы Яндекса);
user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/a ... st-session, {\
user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/a ... st-session,
user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/a ... st.history, {\htt
user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar ... ettings.ip, 192.168.0.192);
user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar ... s.position, {\latitude\:\50.0790787\,\longitude\:\
user_pref(extensions.yasearch@yandex.ru.stat.usage.send, false);
user_pref(extensions.yasearch@yandex.ru.vendor.default.cookie, true);
user_pref(extensions.yasearch@yandex.ru.versions.lastAddon, 8.21.1);
user_pref(extensions.yasearch@yandex.ru.versions.lastBuild, 8);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 06.07.2017 at 9:09:21,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: Please check my log

Post by jaro3 » 06 Jul 2017 09:11

You should delete those cracks for games and programs, if Sophos has not already done so.

Also run RogueKiller.


Re: Please check my log

Post by prakumba » 06 Jul 2017 09:51

RogueKiller V12.11.5.0 (x64) [Jul 3 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : troyssd [Práva správce]
Started from : C:\Users\troyssd\Desktop\RogueKiller_portable64.exe
Mód : Prohledat -- Datum : 07/06/2017 09:12:37 (Duration : 00:19:26)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 26 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {306DC3D9-21DB-4147-A14B-C2F9130FA386} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\troy2\AppData\Roaming\uTorrent\utorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A244B3A-3F4F-43F7-9D0C-DFDA5A246D60} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\troy2\AppData\Roaming\uTorrent\utorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4A7C15BE-1D35-493F-AC8E-73C2EF4B7413} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F8A0E083-53F9-420C-80F6-DA94827E0A4D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1089EAF5-AE01-4073-8E29-3A095B16C871} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5A409060-C50B-40FC-BA37-9BAB423FEE9C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{7FDACBB1-DBE7-4176-9CF4-9785C9F040A1}C:\users\troyssd\appdata\local\temp\keygen.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\troyssd\appdata\local\temp\keygen.exe|Name=keygen.exe|Desc=keygen.exe|Defer=User| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{8CF9A682-3989-4DEA-9DF7-807A3C0F2B2E}C:\users\troyssd\appdata\local\temp\keygen.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\troyssd\appdata\local\temp\keygen.exe|Name=keygen.exe|Desc=keygen.exe|Defer=User| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {306DC3D9-21DB-4147-A14B-C2F9130FA386} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\troy2\AppData\Roaming\uTorrent\utorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A244B3A-3F4F-43F7-9D0C-DFDA5A246D60} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\troy2\AppData\Roaming\uTorrent\utorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4A7C15BE-1D35-493F-AC8E-73C2EF4B7413} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F8A0E083-53F9-420C-80F6-DA94827E0A4D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1089EAF5-AE01-4073-8E29-3A095B16C871} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5A409060-C50B-40FC-BA37-9BAB423FEE9C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{7FDACBB1-DBE7-4176-9CF4-9785C9F040A1}C:\users\troyssd\appdata\local\temp\keygen.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\troyssd\appdata\local\temp\keygen.exe|Name=keygen.exe|Desc=keygen.exe|Defer=User| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{8CF9A682-3989-4DEA-9DF7-807A3C0F2B2E}C:\users\troyssd\appdata\local\temp\keygen.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\troyssd\appdata\local\temp\keygen.exe|Name=keygen.exe|Desc=keygen.exe|Defer=User| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {306DC3D9-21DB-4147-A14B-C2F9130FA386} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\troy2\AppData\Roaming\uTorrent\utorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A244B3A-3F4F-43F7-9D0C-DFDA5A246D60} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\troy2\AppData\Roaming\uTorrent\utorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4A7C15BE-1D35-493F-AC8E-73C2EF4B7413} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F8A0E083-53F9-420C-80F6-DA94827E0A4D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1089EAF5-AE01-4073-8E29-3A095B16C871} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C36B\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5A409060-C50B-40FC-BA37-9BAB423FEE9C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\troy2\AppData\Local\Temp\skype.exe|Name=skype.exe| [x] -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\RK_troy2_ON_E_C664\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\RK_troy2_ON_E_C664\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2355449394-796308985-3639473744-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 4 ¤¤¤
[PUP.Gen2][Firefox:Addon] vqlcwanp.default : ?????????? ???????? [vb@yandex.ru] -> Nalezeno
[PUP.Gen2][Firefox:Addon] vqlcwanp.default : Yandex Elements [yasearch@yandex.ru] -> Nalezeno
[PUP.Gen0][Chrome:Addon] Default : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Nalezeno
[PUP.Gen1][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.yessearches.com/?mode=nnnb&ptid=dam&uid=F33EEFC8B298195444B8B6582CFE4FAF&v=20160421&ts=AHEqAHEoB3UnA0..] -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A240G SCSI Disk Device +++++
--- User ---
[MBR] 3f35d270d9f80b3eccb3f186f61a0600
[BSP] 70d979f947b7667222d417b1e6bf973a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 228834 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

+++++ PhysicalDrive1: ST2000DM001-1ER164 ATA Device +++++
--- User ---
[MBR] 8ccce4050ef1026bf24dc01a3a73a4bf
[BSP] 7b0d18e63ff57dc104396b30c17ca67d : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Mass Storage Device USB Device +++++
--- User ---
[MBR] 51b51c09a3779482ad50d0de7655ef29
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 29660 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Požadavek není podporován. )

+++++ PhysicalDrive3: Seagate Expansion Desk USB Device +++++
Error reading User MBR! ([57] Parametr není správný. )
Error reading LL1 MBR! ([79] Časový limit semaforu vypršel. )
Error reading LL2 MBR! ([32] Požadavek není podporován. )

prakumba
newbie
Posts: 47
Joined: January 2016
Location: Praha
Gender: Male

Re: Please check my log

Post by prakumba » 06 Jul 2017 09:52

Sure, thanks, I'll delete it.

jaro3
Security team member
Guru Level 15
Posts: 43054
Joined: June 2007
Location: Jižní Čechy
Gender: Male

Re: Please check my log

Post by jaro3 » 06 Jul 2017 12:46

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to launch it).
- Click "Start Scan". Change nothing in the new window and click "Start Scan" at the bottom.
- When it finishes, tick everything (put check marks in the white boxes to the left of the findings).
- Then click "Remove Selected".
- Wait until the Status box shows "Removal finished, please review result".
- Click "Open report" and then "Open TXT", copy the log and paste its contents here, please. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.


Turn off your antivirus and firewall.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
Click .rar-file at the top right and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win 7 and 8, right-click it and choose "Run as administrator").
- Note that the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Click Run Script.
The program performs a scan and a repair; both can take several minutes, so you need to wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to your documents; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.


Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on your desktop and follow the instructions to install the program.
Accept the program's license (EULA) if it is offered.
If a program update is available, click the "Update now" button.
You can also tick the creation of a restore point:
Click the gear icon, then "Scanning", and tick "Create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is finished, a report appears; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "Reports" at the top right.


Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button.
- Then follow the instructions; while ComboFix is running, do not click in the window it displays.
- When the scan is finished, the program should create a log - C:\ComboFix.txt - please copy its entire contents here.
If there are problems, run it in safe mode.

Warning: It may happen that after applying ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press the F8 key after the restart and choose the last known good configuration, or use a restore point.