logfile HiJackThis Vyřešeno

[petrjak]

Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016
Ran by Peca (2016-02-18 15:26:14) Run:1
Running from C:\Users\Peca\Desktop
Loaded Profiles: Peca (Available Profiles: Peca)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-809672343-419374325-4203523192-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-809672343-419374325-4203523192-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
2016-02-08 11:48 - 2016-02-08 11:48 - 00000000 ____D C:\Windows\rundll16.exe
2016-02-08 11:48 - 2016-02-08 11:48 - 00000000 ____D C:\Windows\logo1_.exe
2016-02-07 00:15 - 2016-02-09 08:14 - 00044885 _____ C:\Users\Peca\Documents\pinfect.zip
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\VDLL.DLL
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\SysWOW64\runouce.exe
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\logo_1.exe
2016-02-05 17:49 - 2016-02-08 11:47 - 00000054 _____ C:\Windows\Lic.xxx
2016-01-31 19:02 - 2016-01-31 19:02 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-31 19:02 - 2016-01-31 19:02 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\ESET
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
Task: {B75205D7-2CD6-4081-887A-93F40364E7AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {EF102E8C-8025-4DAB-A869-596660A65CC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
H:\a8faeb992466e48ea1

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-809672343-419374325-4203523192-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-809672343-419374325-4203523192-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Windows\rundll16.exe => moved successfully
C:\Windows\logo1_.exe => moved successfully
"C:\Users\Peca\Documents\pinfect.zip" => not found.
C:\Windows\VDLL.DLL => moved successfully
C:\Windows\SysWOW64\runouce.exe => moved successfully
C:\Windows\logo_1.exe => moved successfully
C:\Windows\Lic.xxx => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\ESET => moved successfully
"C:\Windows\logo1_.exe" => not found.
"C:\Windows\logo_1.exe" => not found.
"C:\Windows\rundll16.exe" => not found.
"C:\Windows\VDLL.DLL" => not found.
"C:\Windows\SysWOW64\runouce.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B75205D7-2CD6-4081-887A-93F40364E7AB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B75205D7-2CD6-4081-887A-93F40364E7AB}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EF102E8C-8025-4DAB-A869-596660A65CC9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF102E8C-8025-4DAB-A869-596660A65CC9}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
H:\a8faeb992466e48ea1 => moved successfully
EmptyTemp: => 44.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 15:26:22 ====

[Reklama]

[jaro3]

Co problémy?

[petrjak]

problemy nejsou,jen je tam stale ta skozka,co ten log,nasel ji??

[petrjak]

omlouvam sa,ta slozka je pryc.. parada,mockrat dekuji,skvela praca:-) a ty slozky co sa na ext udelaly nove,tam zustanu? jako např: SAVG,SRECYCLE.BIN,Autorun.inf,RECYCLER.. tyto slozky ktere sa tam vytvorili,tam zustanu,nebo je mam nejak odstranit?

[jaro3]

Spusť OTL a klikni na Vyčisti.



V možnostech složky si zakaž zobrazování skrytých souborů a složek+ dej zatržítko skrýt chráněné soubory operačního systému

[petrjak]

omlouvam se nevim co je to OTL..

[Orcus]

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde: C: \ DelFix.txt

Pokud nejsou problémy, je to vše a můžeš dát vyřešeno , zelenou fajfku.

[petrjak]

# DelFix v1.011 - Logfile created 19/02/2016 at 15:14:44
# Updated 18/08/2015 by Xplode
# Username : Peca - PECA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\USBFix
Deleted : C:\FRST
Deleted : C:\Users\Peca\Desktop\FRST64.exe
Deleted : C:\Users\Peca\Desktop\HijackThis.exe
Deleted : C:\Users\Peca\Desktop\SystemLook_x64.exe
Deleted : C:\Users\Peca\Desktop\UsbFix_2016_8.190.exe
Deleted : C:\Users\Peca\Downloads\SystemLook.txt
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #95 [End of disinfection | 02/12/2016 18:40:27]
Deleted : RP #96 [ComboFix created restore point | 02/15/2016 19:16:51]

New restore point created !

########## - EOF - ##########

[petrjak]

dekuji mockrat:-)