Prosim o kontrolu a prečistenie Vyřešeno

[jerabina]

Tyto položky jsi v RogueKilleru nezaškrtl úmyslně?
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno

Pokud ne, RogueKiller proveď znova, označ i tyto položky a dej mazat. Následně sem vlož log.

Zavři ostatní programy/prohlížeče, odpoj se od internetu a v HJT fixni:
NÁVOD

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy?

[Reklama]

[majco]

Problemi nepociťujem jedna sa o preventivnu kontrolu a pripadne prečistenie PC...nič zatial výnimočné nepozorujem...

[jerabina]

Potom tedy pokračuj mými dalšími instrukcemi, které jsem uvedl v mém minulém příspěvku.

[majco]

RogueKiller V10.6.2.0 [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : rodina [Administrator]
Started from : C:\Users\rodina\Downloads\RogueKiller.exe
Mode : Delete -- Date : 05/08/2015 15:24:12

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Replaced (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Replaced (0)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9320325AS ATA Device +++++
--- User ---
[MBR] 5a5a932c1daa53667e78b82cf891bb22
[BSP] 156b01cba26c0b353df5ff003f9debc4 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 155146 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 317947904 | Size: 149996 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multiple Card Reader USB Device +++++
Error reading User MBR! ([15] Zariadenie nie je pripravené. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?iadavka nie je podporovaná. )


============================================
RKreport_SCN_05082015_130259.log - RKreport_SCN_05082015_131903.log - RKreport_DEL_05082015_132245.log - RKreport_SCN_05082015_145503.log
RKreport_DEL_05082015_145551.log - RKreport_SCN_05082015_152129.log

[majco]

Log po fixnuti
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:30:39, on 8. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\AntiLogger\AntiLogger.exe
C:\Program Files\trend micro\rodina.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files\AntiLogger\AntiLogger.exe" /minimized
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\PROGRA~1\KEYCRY~1\KEYCRY~3.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 2813 bytes

[majco]

# DelFix v1.010 - Logfile created 08/05/2015 at 15:33:31
# Updated 26/04/2015 by Xplode
# Username : rodina - RODINA-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\zoek-results.log
Deleted : C:\Users\rodina\Desktop\JRT.txt
Deleted : C:\Users\rodina\Downloads\adwcleaner_4.203.exe
Deleted : C:\Users\rodina\Downloads\JRT.exe
Deleted : C:\Users\rodina\Downloads\RogueKiller.exe
Deleted : C:\Users\rodina\Downloads\RSIT.exe
Deleted : C:\Users\rodina\Downloads\TFC.exe
Deleted : C:\Users\rodina\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #80 [Revo Uninstaller's restore point - Emsisoft Anti-Malware | 05/04/2015 15:29:38]
Deleted : RP #82 [Revo Uninstaller's restore point - AntiLogger | 05/04/2015 17:42:10]
Deleted : RP #84 [Revo Uninstaller's restore point - Kaspersky Internet Security | 05/06/2015 15:21:19]
Deleted : RP #85 [Operácia obnovovania | 05/06/2015 16:01:42]
Deleted : RP #87 [Revo Uninstaller's restore point - Kaspersky Internet Security | 05/06/2015 16:57:04]
Deleted : RP #88 [Nainštalované: ESET Smart Security | 05/06/2015 17:10:31]
Deleted : RP #89 [Operácia obnovovania | 05/06/2015 17:24:12]
Deleted : RP #91 [Revo Uninstaller's restore point - Kaspersky Internet Security | 05/06/2015 17:34:22]
Deleted : RP #93 [Revo Uninstaller's restore point - AntiLogger | 05/06/2015 17:46:50]
Deleted : RP #94 [Nainštalované: ESET Smart Security | 05/06/2015 18:24:00]
Deleted : RP #96 [Revo Uninstaller's restore point - Mozilla Firefox 37.0.2 (x86 sk) | 05/07/2015 16:09:29]
Deleted : RP #97 [zoek.exe restore point | 05/08/2015 11:28:52]

New restore point created !

########## - EOF - ##########

[jerabina]

Dobře, pokud nejsou problémy, můžeš toto téma uzamknout, to se dělá přes zelenou fajfku

[majco]

Dakujem pekne za prečistenie a tvoj čas...