Re: Request for a preventive log check [Solved]
Posted: 02 Sep 2017 22:28
RogueKiller V12.11.12.0 (x64) [Aug 28 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 10 (10.0.15063) 64 bits version
Spuštěno : Normální režim
Uživatel : Jarda [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mód : Smazat -- Datum : 09/02/2017 20:02:36 (Duration : 00:20:30)
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 6 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2826222592-2511798503-296898779-1001\Software\eSupport.com -> Smazáno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2826222592-2511798503-296898779-1001\Software\eSupport.com -> Smazáno
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2826222592-2511798503-296898779-1001\Software\Microsoft\Windows\CurrentVersion\Run | UpdateReminder : C:\ProgramData\DriverAgentPlus\UpdateReminder\UpdateReminder.exe [x] -> Smazáno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2826222592-2511798503-296898779-1001\Software\Microsoft\Windows\CurrentVersion\Run | UpdateReminder : C:\ProgramData\DriverAgentPlus\UpdateReminder\UpdateReminder.exe [x] -> ERROR [2]
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 212.80.70.2 212.80.66.7 ([-][Czechia]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{80685fec-1324-4152-99e2-46b80e835739} | DhcpNameServer : 212.80.70.2 212.80.66.7 ([-][Czechia]) -> Nahrazeno ()
¤¤¤ Úlohy : 1 ¤¤¤
[PUP.HackTool|VT.not-a-virus:RiskTool.Win32.HackKMS.f] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Smazáno
¤¤¤ Soubory : 4 ¤¤¤
[PUP.HackTool][Složka] C:\Windows\AutoKMS -> Smazáno
[PUP.HackTool][Soubor] C:\Windows\AutoKMS\AutoKMS.exe -> Smazáno
[PUP.HackTool][Soubor] C:\Windows\AutoKMS\AutoKMS.log -> Smazáno
[PUP.HackTool][Soubor] C:\Windows\KMSAuto.exe -> Smazáno
[File.Forged][Soubor] C:\Windows\System32\drivers\drmk.sys -> Nahrazeno p?i restartu ( @Src C:\Users\Jarda\AppData\Local\Temp\snack\drmk.sys)
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\4qfpdw2m.4d1 -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\dre0x1uo.zhk -> Smazáno
[PUP.Gen1][Soubor] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\Drivers.data -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\h1hedxi3.nsl -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\mz0bxct2.vsl -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\nbblyudc.qop -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\qekkot1q.vj5 -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\qept0rih.q5j -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\qk5ctvyq.gek -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\uuzpxms4.wdy -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\uvcddpwd.s51 -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\y3vhsyyb.yxe -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers\y4fgkbvj.ofz -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\drivers -> Smazáno
[PUP.Gen1][Soubor] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy\settings.dat -> Smazáno
[PUP.Gen1][Složka] C:\Users\Jarda\AppData\Roaming\Easeware\DriverEasy -> Smazáno
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [https://www.google.cz/|http://www.istartsurf.com/?type=hp&ts=1445769936&z=e6d3cf78e011954884563f9g4zcz3w1mbqat5qfb3w&from=cor&uid=WDCXWD7500BPKX-00HPJT0_WD-WXC1A752F0SH2F0SH] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000VX005-2EZ102 +++++
--- User ---
[MBR] a84dd93b5b19931ceaddbccc47850486
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - Basic data partition | Offset (sectors): 2048 | Size: 953868 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: ADATA SP550 +++++
--- User ---
[MBR] 29fc47f6aeacf4408eece538f3963f91
[BSP] c55ee7bafdd22ec6e708c7e75d18101d : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 113971 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: WDC WD7500BPKX-00HPJT0 +++++
--- User ---
[MBR] e4ebc9d39fc675a6fd345811483dd061
[BSP] 87cb7a5735467bc245a1feb4d487f50a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 715302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK