Please check my log, thank you ✅ Solved


jaro3
Security team member

Post by jaro3 » 28 Oct 2017 10:23

If it doesn't finish, try Sophos in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Pandora Rosalez » 28 Oct 2017 12:26

So I ran it again, and it is running... it is still scanning... but the green bar is basically still in the same place... so I don't know whether it will take an hour, two, half a day or what... Yesterday it ran for a bit over an hour and it didn't move anywhere either, so I don't know whether it is running as it should... whether I should let it run all day, or how I can tell that it isn't working as it should...

EDIT: I can finally see some change, I probably just have too much there to scan... so it will take a while longer... then I'll send the rest...
Last edited by Pandora Rosalez on 28 Oct 2017 16:02, edited 1 time in total.

Post by jaro3 » 28 Oct 2017 13:37

OK.

Post by Pandora Rosalez » 28 Oct 2017 16:18

2017-10-27 19:47:34.798 Sophos Virus Removal Tool version 2.6.1
2017-10-27 19:47:34.798 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-10-27 19:47:34.798 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-10-27 19:47:34.798 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 Win32
2017-10-27 19:47:34.798 Checking for updates...
2017-10-27 19:47:34.860 Update progress: proxy server not available
2017-10-27 19:47:51.278 Downloading updates...
2017-10-27 19:47:51.294 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-10-27 19:47:51.294 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-27 19:47:51.294 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-27 19:47:51.294 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-10-27 19:47:51.294 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-10-27 19:47:51.294 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
2017-10-27 19:47:51.294 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
2017-10-27 19:47:51.294 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
2017-10-27 19:47:51.294 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
2017-10-27 19:47:51.294 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-27 19:47:51.591 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-10-27 19:47:51.591 Update progress: [I19463] Product download size 174235198 bytes
2017-10-27 19:47:54.387 Option all = no
2017-10-27 19:47:54.387 Option recurse = yes
2017-10-27 19:47:54.387 Option archive = no
2017-10-27 19:47:54.387 Option service = yes
2017-10-27 19:47:54.387 Option confirm = yes
2017-10-27 19:47:54.387 Option sxl = yes
2017-10-27 19:47:54.387 Option max-data-age = 35
2017-10-27 19:47:54.387 Option vdl-logging = yes
2017-10-27 19:47:54.419 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-10-27 19:47:54.419 Machine ID: 95f357e8e88c4e6e91cad88c5005ddcc
2017-10-27 19:47:54.419 Component SVRTcli.exe version 2.6.1
2017-10-27 19:47:54.419 Component control.dll version 2.6.1
2017-10-27 19:47:54.419 Component SVRTservice.exe version 2.6.1
2017-10-27 19:47:54.419 Component engine\osdp.dll version 1.44.1.2286
2017-10-27 19:47:54.434 Component engine\veex.dll version 3.68.6.2286
2017-10-27 19:47:54.434 Component engine\savi.dll version 9.0.7.2286
2017-10-27 19:47:54.434 Component rkdisk.dll version 1.5.31.1
2017-10-27 19:47:54.434 Version info: Product version 2.6.1
2017-10-27 19:47:54.434 Version info: Detection engine 3.68.6
2017-10-27 19:47:54.434 Version info: Detection data 5.44
2017-10-27 19:47:54.434 Version info: Build date 19. 9. 2017
2017-10-27 19:47:54.434 Version info: Data files added 304
2017-10-27 19:47:54.434 Version info: Last successful update (not yet updated)
2017-10-27 19:48:19.392 Update progress: [I19463] Syncing product IDE545 LATEST path=
2017-10-27 19:48:19.392 Update progress: [I19463] Product download size 2585002 bytes
2017-10-27 19:48:27.456 Update progress: [I19463] Syncing product IDE546 LATEST path=
2017-10-27 19:48:27.456 Update progress: [I19463] Product download size 2844072 bytes
2017-10-27 19:48:31.034 Update progress: [I19463] Syncing product IDE547 LATEST path=
2017-10-27 19:48:31.034 Update progress: [I19463] Syncing product IDE548 LATEST path=
2017-10-27 19:48:31.707 Installing updates...
2017-10-27 19:48:32.941 Error level 1
2017-10-27 19:49:11.702 Update successful
2017-10-27 19:49:28.460 Option all = no
2017-10-27 19:49:28.460 Option recurse = yes
2017-10-27 19:49:28.460 Option archive = no
2017-10-27 19:49:28.460 Option service = yes
2017-10-27 19:49:28.460 Option confirm = yes
2017-10-27 19:49:28.460 Option sxl = yes
2017-10-27 19:49:28.460 Option max-data-age = 35
2017-10-27 19:49:28.460 Option vdl-logging = yes
2017-10-27 19:49:28.475 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-10-27 19:49:28.475 Machine ID: 95f357e8e88c4e6e91cad88c5005ddcc
2017-10-27 19:49:28.475 Component SVRTcli.exe version 2.6.1
2017-10-27 19:49:28.475 Component control.dll version 2.6.1
2017-10-27 19:49:28.475 Component SVRTservice.exe version 2.6.1
2017-10-27 19:49:28.475 Component engine\osdp.dll version 1.44.1.2286
2017-10-27 19:49:28.475 Component engine\veex.dll version 3.68.6.2286
2017-10-27 19:49:28.475 Component engine\savi.dll version 9.0.7.2286
2017-10-27 19:49:28.475 Component rkdisk.dll version 1.5.31.1
2017-10-27 19:49:28.475 Version info: Product version 2.6.1
2017-10-27 19:49:28.475 Version info: Detection engine 3.68.6
2017-10-27 19:49:28.475 Version info: Detection data 5.44
2017-10-27 19:49:28.475 Version info: Build date 19. 9. 2017
2017-10-27 19:49:28.475 Version info: Data files added 304
2017-10-27 19:49:28.475 Version info: Last successful update 27. 10. 2017 21:49:11

2017-10-27 20:34:08.290 Error level 0

2017-10-27 20:34:13.665 Scan cancelled by user.
2017-10-27 20:34:13.665

------------------------------------------------------------

2017-10-27 20:34:44.255 Sophos Virus Removal Tool version 2.6.1
2017-10-27 20:34:44.255 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-10-27 20:34:44.255 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-10-27 20:34:44.255 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 Win32
2017-10-27 20:34:44.255 Checking for updates...
2017-10-27 20:34:44.630 Update progress: proxy server not available
2017-10-27 20:34:56.430 Downloading updates...
2017-10-27 20:34:56.430 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-10-27 20:34:56.430 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-27 20:34:56.430 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-27 20:34:56.430 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-10-27 20:34:56.430 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-10-27 20:34:56.430 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
2017-10-27 20:34:56.430 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
2017-10-27 20:34:56.430 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
2017-10-27 20:34:56.430 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
2017-10-27 20:34:56.430 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-27 20:35:09.749 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-10-27 20:35:12.953 Update progress: [I19463] Syncing product IDE545 LATEST path=
2017-10-27 20:35:16.874 Update progress: [I19463] Syncing product IDE546 LATEST path=
2017-10-27 20:35:16.874 Update progress: [I19463] Syncing product IDE547 LATEST path=
2017-10-27 20:35:16.874 Update progress: [I19463] Syncing product IDE548 LATEST path=
2017-10-27 20:35:17.109 Installing updates...
2017-10-27 20:35:23.781 Option all = no
2017-10-27 20:35:25.015 Option recurse = yes
2017-10-27 20:35:25.015 Option archive = no
2017-10-27 20:35:25.015 Option service = yes
2017-10-27 20:35:25.015 Option confirm = yes
2017-10-27 20:35:25.015 Option sxl = yes
2017-10-27 20:35:25.015 Option max-data-age = 35
2017-10-27 20:35:25.015 Option vdl-logging = yes
2017-10-27 20:35:25.015 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-10-27 20:35:25.015 Machine ID: 95f357e8e88c4e6e91cad88c5005ddcc
2017-10-27 20:35:25.015 Component SVRTcli.exe version 2.6.1
2017-10-27 20:35:25.015 Component control.dll version 2.6.1
2017-10-27 20:35:25.015 Component SVRTservice.exe version 2.6.1
2017-10-27 20:35:25.015 Component engine\osdp.dll version 1.44.1.2286
2017-10-27 20:35:25.015 Component engine\veex.dll version 3.68.6.2286
2017-10-27 20:35:25.015 Component engine\savi.dll version 9.0.7.2286
2017-10-27 20:35:25.015 Component rkdisk.dll version 1.5.31.1
2017-10-27 20:35:25.015 Version info: Product version 2.6.1
2017-10-27 20:35:25.015 Version info: Detection engine 3.68.6
2017-10-27 20:35:25.015 Version info: Detection data 5.44
2017-10-27 20:35:25.015 Version info: Build date 19. 9. 2017
2017-10-27 20:35:25.015 Version info: Data files added 304
2017-10-27 20:35:25.015 Version info: Last successful update 27. 10. 2017 21:49:11
2017-10-27 20:35:25.031 Error level 1
2017-10-27 20:35:25.671 Update successful
2017-10-27 20:35:51.298 Option all = no
2017-10-27 20:35:51.298 Option recurse = yes
2017-10-27 20:35:51.298 Option archive = no
2017-10-27 20:35:51.298 Option service = yes
2017-10-27 20:35:51.298 Option confirm = yes
2017-10-27 20:35:51.298 Option sxl = yes
2017-10-27 20:35:51.314 Option max-data-age = 35
2017-10-27 20:35:51.314 Option vdl-logging = yes
2017-10-27 20:35:51.314 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-10-27 20:35:51.314 Machine ID: 95f357e8e88c4e6e91cad88c5005ddcc
2017-10-27 20:35:51.314 Component SVRTcli.exe version 2.6.1
2017-10-27 20:35:51.314 Component control.dll version 2.6.1
2017-10-27 20:35:51.314 Component SVRTservice.exe version 2.6.1
2017-10-27 20:35:51.314 Component engine\osdp.dll version 1.44.1.2286
2017-10-27 20:35:51.314 Component engine\veex.dll version 3.68.6.2286
2017-10-27 20:35:51.314 Component engine\savi.dll version 9.0.7.2286
2017-10-27 20:35:51.314 Component rkdisk.dll version 1.5.31.1
2017-10-27 20:35:51.314 Version info: Product version 2.6.1
2017-10-27 20:35:51.330 Version info: Detection engine 3.68.6
2017-10-27 20:35:51.330 Version info: Detection data 5.44
2017-10-27 20:35:51.330 Version info: Build date 19. 9. 2017
2017-10-27 20:35:51.330 Version info: Data files added 304
2017-10-27 20:35:51.330 Version info: Last successful update 27. 10. 2017 22:35:25

2017-10-27 21:16:30.824 Error level 0

2017-10-27 21:16:31.746 Scan cancelled by user.
2017-10-27 21:16:31.746

------------------------------------------------------------

2017-10-28 09:48:57.447 Sophos Virus Removal Tool version 2.6.1
2017-10-28 09:48:57.447 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-10-28 09:48:57.447 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-10-28 09:48:57.447 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 Win32
2017-10-28 09:48:57.450 Checking for updates...
2017-10-28 09:48:57.508 Update progress: proxy server not available
2017-10-28 09:49:01.611 Downloading updates...
2017-10-28 09:49:01.611 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-10-28 09:49:01.611 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-28 09:49:01.611 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-28 09:49:01.611 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-10-28 09:49:01.611 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-10-28 09:49:01.611 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
2017-10-28 09:49:01.611 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
2017-10-28 09:49:01.611 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
2017-10-28 09:49:01.611 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
2017-10-28 09:49:01.611 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-28 09:49:12.211 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-10-28 09:49:16.421 Update progress: [I19463] Syncing product IDE545 LATEST path=
2017-10-28 09:49:21.761 Update progress: [I19463] Syncing product IDE546 LATEST path=
2017-10-28 09:49:21.761 Update progress: [I19463] Product download size 40440 bytes
2017-10-28 09:49:22.169 Update progress: [I19463] Syncing product IDE547 LATEST path=
2017-10-28 09:49:22.176 Update progress: [I19463] Syncing product IDE548 LATEST path=
2017-10-28 09:49:22.297 Installing updates...
2017-10-28 09:49:40.822 Option all = no
2017-10-28 09:49:42.057 Option recurse = yes
2017-10-28 09:49:42.057 Option archive = no
2017-10-28 09:49:42.057 Option service = yes
2017-10-28 09:49:42.057 Option confirm = yes
2017-10-28 09:49:42.057 Option sxl = yes
2017-10-28 09:49:42.057 Option max-data-age = 35
2017-10-28 09:49:42.057 Option vdl-logging = yes
2017-10-28 09:49:42.057 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-10-28 09:49:42.057 Machine ID: 95f357e8e88c4e6e91cad88c5005ddcc
2017-10-28 09:49:42.057 Component SVRTcli.exe version 2.6.1
2017-10-28 09:49:42.057 Component control.dll version 2.6.1
2017-10-28 09:49:42.057 Component SVRTservice.exe version 2.6.1
2017-10-28 09:49:42.057 Component engine\osdp.dll version 1.44.1.2286
2017-10-28 09:49:42.057 Component engine\veex.dll version 3.68.6.2286
2017-10-28 09:49:42.057 Component engine\savi.dll version 9.0.7.2286
2017-10-28 09:49:42.057 Component rkdisk.dll version 1.5.31.1
2017-10-28 09:49:42.057 Version info: Product version 2.6.1
2017-10-28 09:49:42.057 Version info: Detection engine 3.68.6
2017-10-28 09:49:42.057 Version info: Detection data 5.44
2017-10-28 09:49:42.057 Version info: Build date 19. 9. 2017
2017-10-28 09:49:42.057 Version info: Data files added 304
2017-10-28 09:49:42.057 Version info: Last successful update 27. 10. 2017 22:35:25
2017-10-28 09:49:42.057 Error level 1
2017-10-28 09:49:43.123 Update successful
2017-10-28 09:50:16.690 Option all = no
2017-10-28 09:50:16.690 Option recurse = yes
2017-10-28 09:50:16.690 Option archive = no
2017-10-28 09:50:16.690 Option service = yes
2017-10-28 09:50:16.690 Option confirm = yes
2017-10-28 09:50:16.690 Option sxl = yes
2017-10-28 09:50:16.693 Option max-data-age = 35
2017-10-28 09:50:16.693 Option vdl-logging = yes
2017-10-28 09:50:16.704 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-10-28 09:50:16.704 Machine ID: 95f357e8e88c4e6e91cad88c5005ddcc
2017-10-28 09:50:16.706 Component SVRTcli.exe version 2.6.1
2017-10-28 09:50:16.706 Component control.dll version 2.6.1
2017-10-28 09:50:16.707 Component SVRTservice.exe version 2.6.1
2017-10-28 09:50:16.707 Component engine\osdp.dll version 1.44.1.2286
2017-10-28 09:50:16.707 Component engine\veex.dll version 3.68.6.2286
2017-10-28 09:50:16.708 Component engine\savi.dll version 9.0.7.2286
2017-10-28 09:50:16.708 Component rkdisk.dll version 1.5.31.1
2017-10-28 09:50:16.708 Version info: Product version 2.6.1
2017-10-28 09:50:16.709 Version info: Detection engine 3.68.6
2017-10-28 09:50:16.709 Version info: Detection data 5.44
2017-10-28 09:50:16.709 Version info: Build date 19. 9. 2017
2017-10-28 09:50:16.709 Version info: Data files added 307
2017-10-28 09:50:16.709 Version info: Last successful update 28. 10. 2017 11:49:43

2017-10-28 11:20:06.011 Could not open C:\Boot\BCD
2017-10-28 11:20:10.024 Could not open C:\hiberfil.sys
2017-10-28 11:20:13.490 Could not open C:\pagefile.sys
2017-10-28 11:53:21.140 >>> Virus 'Troj/Agent-APRJ' found in file C:\Program Files\The Sims 4\Game\Bin\RldOrigin.dll
2017-10-28 11:53:32.468 >>> Virus 'Troj/Agent-APRJ' found in file C:\Program Files\The Sims 4\Game\Bin\RldOrigin_x64.dll
2017-10-28 11:57:09.439 Could not open C:\swapfile.sys
2017-10-28 11:59:07.477 Could not open C:\System Volume Information\{1d4f787c-b3d8-11e7-b404-001a4df693ac}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-28 11:59:07.478 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-28 11:59:07.479 Could not open C:\System Volume Information\{3d655fba-baec-11e7-b40e-001a4df693ac}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-28 11:59:07.480 Could not open C:\System Volume Information\{6a2d8a81-ae65-11e7-b3f9-001a4df693ac}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-28 11:59:07.481 Could not open C:\System Volume Information\{d37bca53-bb49-11e7-b413-001a4df693ac}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-28 12:20:10.681 Could not open C:\WINDOWS\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-10-28 12:20:10.695 Could not open C:\WINDOWS\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-10-28 12:20:17.632 Could not open C:\WINDOWS\System32\config\BBI
2017-10-28 12:20:18.035 Could not open C:\WINDOWS\System32\config\RegBack\DEFAULT
2017-10-28 12:20:18.050 Could not open C:\WINDOWS\System32\config\RegBack\SAM
2017-10-28 12:20:18.063 Could not open C:\WINDOWS\System32\config\RegBack\SECURITY
2017-10-28 12:20:18.078 Could not open C:\WINDOWS\System32\config\RegBack\SOFTWARE
2017-10-28 12:20:18.091 Could not open C:\WINDOWS\System32\config\RegBack\SYSTEM
2017-10-28 12:42:00.360 >>> Virus 'Mal/Generic-S' found in file D:\Download\GTA IV PC\GTA-4--patch-proti-sek+Crack-Game-2016.zip
2017-10-28 12:42:00.361 >>> Virus 'Mal/Generic-S' found in file D:\Download\GTA IV PC\GTA-4--patch-proti-sek+Crack-Game-2016.zip
2017-10-28 12:42:00.363 >>> Virus 'Mal/Generic-S' found in file D:\Download\GTA IV PC\GTA-4--patch-proti-sek+Crack-Game-2016.zip
2017-10-28 12:45:01.456 Could not open LOGICAL:0004:00000000
2017-10-28 12:45:01.590 Could not open E:\
2017-10-28 12:45:01.594 Could not open LOGICAL:0005:00000000
2017-10-28 12:45:01.600 Could not open F:\
2017-10-28 12:45:01.603 Could not open LOGICAL:0006:00000000
2017-10-28 12:45:01.610 Could not open G:\
2017-10-28 12:45:01.613 Could not open LOGICAL:0007:00000000
2017-10-28 12:45:01.620 Could not open H:\
2017-10-28 12:45:01.624 Could not open LOGICAL:0009:00000000
2017-10-28 12:45:01.629 Could not open J:\
2017-10-28 12:53:21.268 >>> Virus 'W32/Rebhip-W' found in file K:\INSTALL\PC GAMES\Angry Birds Rio PC\Patch\Patch.exe
2017-10-28 12:59:30.504 >>> Virus 'Troj/Mdrop-DHC' found in file K:\INSTALL\Sony Vegas Pro 11.0\Keygen\Keygen.exe
2017-10-28 13:26:41.083 >>> Virus 'Mal/EncPk-ABH' found in file K:\INSTALL\The Sims 3\The Sims 3 - Kolekce\The Sims 3 - Zahradní mejdan\the-sims-3-zahradni-mejdan-crack-keygen\The Sims 3 Zahradní Mejdan crack + keygen\flt-s3ol.exe
2017-10-28 13:27:08.987 >>> Virus 'Troj/Agent-APRJ' found in file K:\INSTALL\The Sims 4\The Sims 4 - Společná zábava\Crack\Game\Bin\RldOrigin.dll
2017-10-28 13:27:21.162 >>> Virus 'Troj/Agent-APRJ' found in file K:\INSTALL\The Sims 4\The Sims 4 - Společná zábava\Crack\Game\Bin\RldOrigin_x64.dll
2017-10-28 14:02:31.446 >>> Virus 'Mal/Generic-S' found in file K:\ZÁLOHA\Disk D\Download\GTA IV PC\GTA-4--patch-proti-sek+Crack-Game-2016.zip
2017-10-28 14:02:31.462 >>> Virus 'Mal/Generic-S' found in file K:\ZÁLOHA\Disk D\Download\GTA IV PC\GTA-4--patch-proti-sek+Crack-Game-2016.zip
2017-10-28 14:02:31.462 >>> Virus 'Mal/Generic-S' found in file K:\ZÁLOHA\Disk D\Download\GTA IV PC\GTA-4--patch-proti-sek+Crack-Game-2016.zip
2017-10-28 14:14:25.361 Could not open PHYSICAL:0083:0000:0000:0001
2017-10-28 14:14:25.379 Could not open PHYSICAL:0084:0000:0000:0001
2017-10-28 14:14:25.379 Could not open PHYSICAL:0085:0000:0000:0001
2017-10-28 14:14:25.379 Could not open PHYSICAL:0086:0000:0000:0001
2017-10-28 14:14:25.438 The following items will be cleaned up:
2017-10-28 14:14:25.438 Troj/Agent-APRJ
2017-10-28 14:14:25.438 Mal/Generic-S
2017-10-28 14:14:25.438 W32/Rebhip-W
2017-10-28 14:14:25.438 Troj/Mdrop-DHC
2017-10-28 14:14:25.439 Mal/EncPk-ABH
2017-10-28 14:16:41.095 Threat 'Troj/Agent-APRJ' has been cleaned up.
2017-10-28 14:16:41.095 File "C:\Program Files\The Sims 4\Game\Bin\RldOrigin.dll" belongs to 'Troj/Agent-APRJ'.
2017-10-28 14:16:41.096 File "C:\Program Files\The Sims 4\Game\Bin\RldOrigin.dll" has been cleaned up.
2017-10-28 14:16:41.096 File "C:\Program Files\The Sims 4\Game\Bin\RldOrigin_x64.dll" belongs to 'Troj/Agent-APRJ'.
2017-10-28 14:16:41.096 File "C:\Program Files\The Sims 4\Game\Bin\RldOrigin_x64.dll" has been cleaned up.
2017-10-28 14:16:41.096 File "K:\INSTALL\The Sims 4\The Sims 4 - Společná zábava\Crack\Game\Bin\RldOrigin.dll" belongs to 'Troj/Agent-APRJ'.
2017-10-28 14:16:41.096 File "K:\INSTALL\The Sims 4\The Sims 4 - Společná zábava\Crack\Game\Bin\RldOrigin.dll" has been cleaned up.
2017-10-28 14:16:41.096 File "K:\INSTALL\The Sims 4\The Sims 4 - Společná zábava\Crack\Game\Bin\RldOrigin_x64.dll" belongs to 'Troj/Agent-APRJ'.
2017-10-28 14:16:41.096 File "K:\INSTALL\The Sims 4\The Sims 4 - Společná zábava\Crack\Game\Bin\RldOrigin_x64.dll" has been cleaned up.
2017-10-28 14:16:41.096 Removal successful
2017-10-28 14:16:57.500 Threat 'Mal/Generic-S' was not cleaned up. (error 0xa0040208)
2017-10-28 14:16:57.500 Removal failed
2017-10-28 14:17:08.900 Threat 'W32/Rebhip-W' has been cleaned up.
2017-10-28 14:17:08.900 File "K:\INSTALL\PC GAMES\Angry Birds Rio PC\Patch\Patch.exe" belongs to 'W32/Rebhip-W'.
2017-10-28 14:17:08.900 File "K:\INSTALL\PC GAMES\Angry Birds Rio PC\Patch\Patch.exe" has been cleaned up.
2017-10-28 14:17:08.900 File "C:\WINDOWS\System32\Drivers\etc\hosts2" belongs to 'W32/Rebhip-W'.
2017-10-28 14:17:08.900 File "C:\WINDOWS\System32\Drivers\etc\hosts2" has been cleaned up.
2017-10-28 14:17:08.900 File "C:\WINDOWS\System32\Drivers\etc\hosts.2017102816178" belongs to 'W32/Rebhip-W'.
2017-10-28 14:17:08.900 File "C:\WINDOWS\System32\Drivers\etc\hosts.2017102816178" has been cleaned up.
2017-10-28 14:17:08.901 File "C:\WINDOWS\System32\Drivers\etc\hosts" belongs to 'W32/Rebhip-W'.
2017-10-28 14:17:08.901 File "C:\WINDOWS\System32\Drivers\etc\hosts" has been cleaned up.
2017-10-28 14:17:08.901 Removal successful
2017-10-28 14:17:19.280 Threat 'Troj/Mdrop-DHC' has been cleaned up.
2017-10-28 14:17:19.280 File "K:\INSTALL\Sony Vegas Pro 11.0\Keygen\Keygen.exe" belongs to 'Troj/Mdrop-DHC'.
2017-10-28 14:17:19.280 File "K:\INSTALL\Sony Vegas Pro 11.0\Keygen\Keygen.exe" has been cleaned up.
2017-10-28 14:17:19.280 Removal successful
2017-10-28 14:17:28.975 Threat 'Mal/EncPk-ABH' has been cleaned up.
2017-10-28 14:17:28.975 File "K:\INSTALL\The Sims 3\The Sims 3 - Kolekce\The Sims 3 - Zahradní mejdan\the-sims-3-zahradni-mejdan-crack-keygen\The Sims 3 Zahradní Mejdan crack + keygen\flt-s3ol.exe" belongs to malware 'Mal/EncPk-ABH'.
2017-10-28 14:17:28.975 File "K:\INSTALL\The Sims 3\The Sims 3 - Kolekce\The Sims 3 - Zahradní mejdan\the-sims-3-zahradni-mejdan-crack-keygen\The Sims 3 Zahradní Mejdan crack + keygen\flt-s3ol.exe" has been cleaned up.
2017-10-28 14:17:28.976 Removal successful
2017-10-28 14:17:28.977 Error: cleanup failed.
2017-10-28 14:17:30.979 Error level 0

Post by Pandora Rosalez » 28 Oct 2017 18:12

RogueKiller V12.11.21.0 [Oct 23 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 32 bits version
Spuštěno : Normální režim
Uživatel : Pandora [Práva správce]
Started from : C:\Users\Pandora\Desktop\RogueKiller_portable32.exe
Mód : Smazat -- Datum : 10/28/2017 16:21:36 (Duration : 01:32:13)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 3 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-403798575-1315362258-1524957296-1001\SOFTWARE\Microsoft\Internet Explorer\Extensions\{086C8477-4F71-4550-87FB-AF0AE8DF3E98} | Exec : C:\Users\Pandora\AppData\Roaming\ICQM\icq.exe [7] -> Smazáno
[Suspicious.Path] HKEY_USERS\S-1-5-21-403798575-1315362258-1524957296-1001\Software\Microsoft\Windows\CurrentVersion\Run | icq : C:\Users\Pandora\AppData\Roaming\ICQM\icq.exe -CU [7] -> Smazáno
[PUM.HomePage] HKEY_USERS\S-1-5-21-403798575-1315362258-1524957296-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[PUM.Proxy][Firefox:Config] t4calbr8.default-1496491937704 : user_pref("network.proxy.type", 2); -> Nahrazeno (0)
[PUM.HomePage][Firefox:Config] t4calbr8.default-1496491937704 : user_pref("browser.startup.homepage", "www.seznam.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-08M2NA0 +++++
--- User ---
[MBR] 2b9050010ce39a8d12b1dffd89cc8d76
[BSP] e9f919d5e432a1ab575d0f77c8075851 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 253855 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 519895530 | Size: 700004 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD Elements 107C USB Device +++++
--- User ---
[MBR] 91d977f21574c7c65a7ea68c1a2e9a71
[BSP] 3a905bf8affb0561c761531e73f7f764 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907696 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Seagate Expansion Desk SCSI Disk Device +++++
--- User ---
[MBR] 5b60be2127097fe82415ae36854e03e0
[BSP] a5772038827621024ac6cd3888b86945 : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907728 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

+++++ PhysicalDrive3: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive5: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive6: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Re: Please check my log, thank you

Post by jaro3 » 28 Oct 2017 19:28

Turn off your antivirus and firewall.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
http://leteckaposta.cz/415997425
Click on .rar-file at the top right and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart you may see only a black desktop for a while; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the program's license agreement (EULA) if it is offered.
If a program update is available, click the "Update now" button.
You can also enable creation of a restore point:
Click the gear icon, then "Scanning", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is finished, a report will appear; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "Reports" at the top right.


Post a new HJT log + report on any problems.

Re: Please check my log, thank you

Post by Pandora Rosalez » 28 Oct 2017 21:45

Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by Pandora on so 28. 10. 2017 at 21:34:58,52.
Microsoft Windows 8.1 Pro 6.3.9600 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Pandora\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28. 10. 2017 21:36:00 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== FireFox Fix ======================

Deleted from C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\prefs.js:

Added to C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Proxy Settings ======================

ProfilePath: C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704
user_pref("network.proxy.type", 2);

==== Firefox Extensions ======================

ProfilePath: C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Hola Better Internet - %ProfilePath%\extensions\jid1-4P0kohSJxU1qGg@jetpack
- NetVideoHunter - %ProfilePath%\extensions\netvideohunter@netvideohunter.com
- Pln Penenka Litika - %ProfilePath%\extensions\@plnapenezenkacz-firefox-extension.xpi
- Undetermined - %ProfilePath%\extensions\image_download_for_instagra@image_download_for_instagra.org.xpi
- Undetermined - %ProfilePath%\extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi
- Safe Browsing Version 4 temporary add-on - %ProfilePath%\extensions\sbv4-gradual-rollout@mozilla.com.xpi
- Undetermined - %ProfilePath%\extensions\YoutubeDownloader@PeterOlayev.com.xpi
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704
83A2A9319E33B32AD89FCBCFAF910123 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll - Shockwave Flash
705BF3208D9C466EA0FC958F6E863190 - C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U144
8EE9808AED44873E6C2F578196A53715 - C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.1440.1
67F782E92B7525A8B25EAF47408137B0 - C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll - Silverlight Plug-In
ED9E0A38629A6814C3E99060EB4228F4 - C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll - Microsoft® Silverlight
9F9E2E37C8455FCC7E2716E3AFD3EF88 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
2D45A8274592D965EDFB62ACCB1150B1 - C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll - Google Update
F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C0C3A6C6-03BC-4195-8FCB-AEA091301353}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} - https://search.yahoo.com/yhs/search?hsp ... 9__yaie&p={searchTerms}

==== Reset Google Chrome ======================

C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully

==== Empty IE Cache ======================

C:\Users\Pandora\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Pandora\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Pandora\AppData\Local\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\cache2 emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++badoo.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++cz.pinterest.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++flowhot.os.tc\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++plus.google.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++twitter.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++vulkanklub1.site\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.duolingo.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.facebook.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.interval.cz\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.kienyke.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.letgo.cz\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.letras.com\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.milujemefotografii.cz\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.topzine.cz\cache emptied successfully
C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\Profiles\t4calbr8.default-1496491937704\storage\default\https+++www.youtube.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pandora\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Pandora\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== EOF on so 28. 10. 2017 at 21:42:13,71 ======================

Re: Please check my log, thank you

Post by Pandora Rosalez » 28 Oct 2017 22:08

Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017/10/28
Operating System : Windows 8.1 32-bit
Processor : 2X AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
BIOS Mode : Legacy
CUID : 12A2573E7EC8365752093E
Scan Type : Skenování systému
Duration : 15m 3s
Scanned Objects : 163559
Detected Objects : 2
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Internet Explorer Search
Status : Skenováno
Object : Yahoo! - http://search.yahoo.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Internet Explorer Search

FormatFactory.exe
Status : Skenováno
Object : %programfiles%\formatfactory\formatfactory.exe
MD5 : 487788033C8EBF26ABD50F79757A443A
Publisher : chen jun hao
Size : 3998048
Version : 3.3.1.0
Detection : PUA:Win32/FormatFactory!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %programfiles%\formatfactory\formatfactory.exe
Odkaz - C:\Users\Pandora\Desktop\Format Factory.lnk


Cleaning Result
-------------------------------------------------------
Cleaned : 2
Reported as safe : 0
Failed : 0

Re: Please check my log, thank you

Post by Pandora Rosalez » 28 Oct 2017 22:11

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:13, on 28. 10. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)

FIREFOX: 56.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Labtec\Desktop\V5.1\MOffice.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Bluestacks\HD-Agent.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Users\Pandora\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Pandora\AppData\Local\MEGAsync\MEGAsync.exe
C:\Users\Pandora\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Pandora\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\SaveSnap\SaveSnap.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Pandora\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Pandora\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files\Bluestacks\HD-Agent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
O4 - Startup: Dropbox.lnk = Pandora\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MEGAsync.lnk = Pandora\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Startup: SaveSnap.lnk = C:\Program Files\SaveSnap\SaveSnap.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\Jaksta\AC\x86\jaudcap.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\Bluestacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\Bluestacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\Bluestacks\HD-Plus-Service.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Windows Connectivity Manager for Gramblr (gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 9005 bytes

Re: Please check my log, thank you

Post by Pandora Rosalez » 28 Oct 2017 22:11

Well, otherwise I think the browser is running better, and things overall too... but I'll see whether the freezing starts again. :)

Re: Please check my log, thank you

Post by jaro3 » 28 Oct 2017 22:42

Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"


Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8 you must run the file via right-click -> Run as administrator.)
In the main menu, tick these options: Remove desinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt
Other links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Let me know tomorrow.

Re: Please check my log, thank you

Post by Pandora Rosalez » 29 Oct 2017 10:58

# DelFix v1.013 - Logfile created 29/10/2017 at 10:51:51
# Updated 17/04/2016 by Xplode
# Username : Pandora - PC-PANDORA
# Operating System : Windows 8.1 Pro (32 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Pandora\Desktop\AdwCleaner.exe
Deleted : C:\Users\Pandora\Desktop\JRT.exe
Deleted : C:\Users\Pandora\Desktop\JRT.txt
Deleted : C:\Users\Pandora\Desktop\RogueKiller_portable32.exe
Deleted : C:\Users\Pandora\Desktop\zoek.exe
Deleted : C:\Users\Pandora\Downloads\AdwCleaner.exe
Deleted : C:\Users\Pandora\Downloads\JRT.exe
Deleted : C:\Users\Pandora\Downloads\HijackThis.exe
Deleted : C:\Users\Pandora\Downloads\hijackthis.log
Deleted : C:\Users\Pandora\Downloads\RogueKiller_portable32.exe
Deleted : C:\Users\Pandora\Downloads\TFC.exe
Deleted : C:\Users\Pandora\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #154 [Naplánovaný kontrolní bod | 10/11/2017 10:06:46]
Deleted : RP #155 [Windows Update | 10/18/2017 12:21:47]
Deleted : RP #156 [Naplánovaný kontrolní bod | 10/27/2017 09:09:23]
Deleted : RP #157 [JRT Pre-Junkware Removal | 10/27/2017 19:22:05]
Deleted : RP #158 [zoek.exe restore point | 10/28/2017 19:35:37]

New restore point created !

########## - EOF - ##########

