Zavirovaný ntb

[altrok]

Velikost Plochy by nemela presahovat 200 MB. Znacne se pak brzdi start i samotny chod celeho PC.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
  HKU\S-1-5-21-2772758291-4078256221-3500050187-1001\...\MountPoints2: E - E:\Install.exe
  HKU\S-1-5-21-2772758291-4078256221-3500050187-1005\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
  HKU\S-1-5-21-2772758291-4078256221-3500050187-501\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
  FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2297\ff [Not Found]
  FF Extension: No Name - C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\rrrs58j5.default\extensions\chang.gibbons98@aol.com [Not Found]
  S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X]
  DisableService: wgclbhvqtgnwlt
  C:\Windows\SysWOW64\huaynfbvh.exe
  2014-11-12 08:30 - 2012-10-26 14:19 - 00000000 ____D () C:\Program Files\trend micro
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
  Hosts:
  EmptyTemp:
  End
  

[RaiderR]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by Nikola at 2014-11-12 16:16:08 Run:2
Running from C:\Users\Nikola\Desktop
Loaded Profiles: Nikola & Next & Guest (Available profiles: Nikola & Next & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKU\S-1-5-21-2772758291-4078256221-3500050187-1001\...\MountPoints2: E - E:\Install.exe
HKU\S-1-5-21-2772758291-4078256221-3500050187-1005\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKU\S-1-5-21-2772758291-4078256221-3500050187-501\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2297\ff [Not Found]
FF Extension: No Name - C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\rrrs58j5.default\extensions\chang.gibbons98@aol.com [Not Found]
S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X]
DisableService: wgclbhvqtgnwlt
C:\Windows\SysWOW64\huaynfbvh.exe
2014-11-12 08:30 - 2012-10-26 14:19 - 00000000 ____D () C:\Program Files\trend micro
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes Anti-Malware (cleanup) => value deleted successfully.
"HKU\S-1-5-21-2772758291-4078256221-3500050187-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2772758291-4078256221-3500050187-1001" => Key not found.
HKU\S-1-5-21-2772758291-4078256221-3500050187-1005\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKU\S-1-5-21-2772758291-4078256221-3500050187-501\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2297\ff not found.
C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\rrrs58j5.default\extensions\chang.gibbons98@aol.com not found.
MsgPlusService => Service deleted successfully.
wgclbhvqtgnwlt service key not found.
C:\Windows\SysWOW64\huaynfbvh.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 35.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

V PC byl keylogger, takze velice doporucuju zmenu vsech hesel.

[RaiderR]

Mockrát děkuji, ntb vypadá v pořádku

[altrok]

Nemate zac, rad jsem pomohl


Mejte se a treba zase nekdy