Dobrý den, dnes jsem jako hlupák stáhl zavirovaný soubor aniž bych ho předem otestoval, využití procesoru se blíží 100%.
FRST.txt posílám jako přílohu neboť mi není dovoleno přispět více jak 100k znaků.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
winnet32b, inet32upd
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: winnet32b, inet32upd
Addition.
Re: winnet32b, inet32upd
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: winnet32b, inet32upd
# AdwCleaner v4.204 - Log vytvořen 14/05/2015 v 19:05:46
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : JustJust - DEATHSOFT
# Spuštěno z : C:\Users\User\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\Program Files (x86)\XTab
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
***** [ Naplánované úlohy ] *****
Úloha Smazáno : update-sys
Úloha Smazáno : update-S-1-5-21-2321953528-1959365525-2877629586-1002
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E20196E3-1DCD-4944-9DD2-C52364431ECA}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\webssearchesSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17416
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v42.0.2311.135
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP75AA9F87-9A18-459A-9678-3C3B7A713DFD&SSPV=
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP75AA9F87-9A18-459A-9678-3C3B7A713DFD&SSPV=
*************************
AdwCleaner[R0].txt - [9291 bytů] - [14/05/2015 19:04:40]
AdwCleaner[S0].txt - [6388 bytů] - [14/05/2015 19:05:46]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6446 bytů] ##########
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by JustJust on źt 14. 05. 2015 at 19:12:35,25.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14. 5. 2015 19:13:18 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\GarenaMessenger deleted successfully
C:\PROGRA~3\Office2013 deleted successfully
C:\Users\User\AppData\Roaming\3909 deleted successfully
C:\Users\User\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\New Folder not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\Skillbrains deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\User\AppData\Local\updater.log deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135
Tampermonkey - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Bookmark Manager - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
==== Chromium Startpages ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://search.conduit.com/?ctid=CT33149 ... 3DFD&SSPV=",
"startup_urls": [ "http://search.conduit.com/?ctid=CT33149 ... 3DFD&SSPV=", "http://www.google.com/", "http://search.conduit.com/?ctid=CT33149 ... &UP=&SSPV=", "http://www.default-search.net?sid=476&a ... 78&src=hmp", "http://istart.webssearches.com/?type=hp ... AA3595KPAK", "http://istart.webssearches.com/?type=hp ... AA3595KPAK" ]
==== Chromium Fix ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=73 folders=25 106646538 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
==== EOF on źt 14. 05. 2015 at 19:32:57,12 ======================
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : JustJust - DEATHSOFT
# Spuštěno z : C:\Users\User\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\Program Files (x86)\XTab
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
***** [ Naplánované úlohy ] *****
Úloha Smazáno : update-sys
Úloha Smazáno : update-S-1-5-21-2321953528-1959365525-2877629586-1002
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E20196E3-1DCD-4944-9DD2-C52364431ECA}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\webssearchesSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17416
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v42.0.2311.135
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP75AA9F87-9A18-459A-9678-3C3B7A713DFD&SSPV=
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP75AA9F87-9A18-459A-9678-3C3B7A713DFD&SSPV=
*************************
AdwCleaner[R0].txt - [9291 bytů] - [14/05/2015 19:04:40]
AdwCleaner[S0].txt - [6388 bytů] - [14/05/2015 19:05:46]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6446 bytů] ##########
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by JustJust on źt 14. 05. 2015 at 19:12:35,25.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14. 5. 2015 19:13:18 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\GarenaMessenger deleted successfully
C:\PROGRA~3\Office2013 deleted successfully
C:\Users\User\AppData\Roaming\3909 deleted successfully
C:\Users\User\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\New Folder not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\Skillbrains deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\User\AppData\Local\updater.log deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135
Tampermonkey - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Bookmark Manager - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
==== Chromium Startpages ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://search.conduit.com/?ctid=CT33149 ... 3DFD&SSPV=",
"startup_urls": [ "http://search.conduit.com/?ctid=CT33149 ... 3DFD&SSPV=", "http://www.google.com/", "http://search.conduit.com/?ctid=CT33149 ... &UP=&SSPV=", "http://www.default-search.net?sid=476&a ... 78&src=hmp", "http://istart.webssearches.com/?type=hp ... AA3595KPAK", "http://istart.webssearches.com/?type=hp ... AA3595KPAK" ]
==== Chromium Fix ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=73 folders=25 106646538 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
==== EOF on źt 14. 05. 2015 at 19:32:57,12 ======================
Re: winnet32b, inet32upd
Poprosim o novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: winnet32b, inet32upd
Přikládám jako přílohu opět má něco kolem 450k 
Re: winnet32b, inet32upd
Zapomněli jste na mě pánové, nejspíš ještě rozdejcháváte kocovinu po čtvrtečním večeru viďte. 
Re: winnet32b, inet32upd
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony) HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18910208 2015-04-15] () HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {1fa54654-f4eb-11e4-bee0-28d244201997} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {2701de5f-810b-11e4-bebc-681729f6c82b} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {69c08115-d19c-11e4-bed5-28d244201997} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {8223abc3-e9a5-11e4-bede-28d244201997} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {989f9f80-bc54-11e3-be8e-681729f6c82b} - "E:\Startme.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {e11e440e-6abd-11e4-beb7-681729f6c82b} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {e11e443a-6abd-11e4-beb7-681729f6c82b} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {eb11042e-79b7-11e4-beb8-681729f6c82b} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e944e-8ed4-11e4-bec0-681729f6c827} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e946a-8ed4-11e4-bec0-681729f6c827} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e9525-8ed4-11e4-bec0-28d244201997} - "E:\Autorun.exe" HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e957a-8ed4-11e4-bec0-28d244201997} - "E:\Autorun.exe" ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-14] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-14] () SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = C:\Program Files (x86)\ESET C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe C:\Users\User\AppData\Roaming\Microsoft\Networking\winnet32b.exe C:\Users\User\AppData\Roaming\Microsoft\Networking\inet32upd.exe 2015-05-14 19:46 - 2015-05-14 19:46 - 00021916 _____ () C:\Users\User\Desktop\FRST.txt.txt 2015-05-14 19:45 - 2015-05-14 19:45 - 00029696 _____ () C:\Users\User\AppData\Local\MSGBOX.EXE 2015-05-14 19:45 - 2015-05-14 19:45 - 00015327 _____ () C:\Users\User\Desktop\LM.bat 2015-05-14 19:33 - 2015-05-14 19:33 - 00009186 _____ () C:\Users\User\Desktop\zoek.txt 2015-05-14 19:31 - 2015-05-14 19:12 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe 2015-05-14 19:13 - 2015-05-14 19:32 - 00009186 _____ () C:\zoek-results.log 2015-05-14 19:12 - 2015-05-14 19:30 - 00000000 ____D () C:\zoek_backup 2015-05-14 19:11 - 2015-05-14 19:12 - 01308672 _____ () C:\Users\User\Desktop\zoek.exe 2015-05-14 19:11 - 2015-05-14 19:11 - 00006545 _____ () C:\Users\User\Desktop\AdwCleaner.txt 2015-05-14 19:04 - 2015-05-14 19:05 - 00000000 ____D () C:\AdwCleaner 2015-05-14 18:59 - 2015-05-14 19:00 - 02209792 _____ () C:\Users\User\Desktop\adwcleaner_4.204.exe 2015-05-14 18:56 - 2015-05-14 19:45 - 00001155 _____ () C:\WINDOWS\setupact.log 2015-05-14 18:56 - 2015-05-14 19:32 - 00003076 _____ () C:\WINDOWS\PFRO.log 2015-05-14 18:56 - 2015-05-14 18:56 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-05-14 18:41 - 2015-05-14 18:56 - 00251154 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-14 16:38 - 2015-05-14 16:38 - 00050432 _____ () C:\Users\User\Desktop\FRST.txt.rar 2015-05-14 16:33 - 2015-05-14 16:33 - 00005489 _____ () C:\Users\User\Desktop\Addition.rar 2015-05-14 15:50 - 2015-05-14 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher (2).exe Folder: C:\Users\User\AppData\Roaming\Microsoft\Networking Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: winnet32b, inet32upd
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 02
Ran by JustJust at 2015-05-15 21:16:10 Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: JustJust (Available profiles: JustJust)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18910208 2015-04-15] ()
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {1fa54654-f4eb-11e4-bee0-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {2701de5f-810b-11e4-bebc-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {69c08115-d19c-11e4-bed5-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {8223abc3-e9a5-11e4-bede-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {989f9f80-bc54-11e3-be8e-681729f6c82b} - "E:\Startme.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {e11e440e-6abd-11e4-beb7-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {e11e443a-6abd-11e4-beb7-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {eb11042e-79b7-11e4-beb8-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e944e-8ed4-11e4-bec0-681729f6c827} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e946a-8ed4-11e4-bec0-681729f6c827} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e9525-8ed4-11e4-bec0-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e957a-8ed4-11e4-bec0-28d244201997} - "E:\Autorun.exe"
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-14] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-14] ()
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files (x86)\ESET
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
C:\Users\User\AppData\Roaming\Microsoft\Networking\winnet32b.exe
C:\Users\User\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-05-14 19:46 - 2015-05-14 19:46 - 00021916 _____ () C:\Users\User\Desktop\FRST.txt.txt
2015-05-14 19:45 - 2015-05-14 19:45 - 00029696 _____ () C:\Users\User\AppData\Local\MSGBOX.EXE
2015-05-14 19:45 - 2015-05-14 19:45 - 00015327 _____ () C:\Users\User\Desktop\LM.bat
2015-05-14 19:33 - 2015-05-14 19:33 - 00009186 _____ () C:\Users\User\Desktop\zoek.txt
2015-05-14 19:31 - 2015-05-14 19:12 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-14 19:13 - 2015-05-14 19:32 - 00009186 _____ () C:\zoek-results.log
2015-05-14 19:12 - 2015-05-14 19:30 - 00000000 ____D () C:\zoek_backup
2015-05-14 19:11 - 2015-05-14 19:12 - 01308672 _____ () C:\Users\User\Desktop\zoek.exe
2015-05-14 19:11 - 2015-05-14 19:11 - 00006545 _____ () C:\Users\User\Desktop\AdwCleaner.txt
2015-05-14 19:04 - 2015-05-14 19:05 - 00000000 ____D () C:\AdwCleaner
2015-05-14 18:59 - 2015-05-14 19:00 - 02209792 _____ () C:\Users\User\Desktop\adwcleaner_4.204.exe
2015-05-14 18:56 - 2015-05-14 19:45 - 00001155 _____ () C:\WINDOWS\setupact.log
2015-05-14 18:56 - 2015-05-14 19:32 - 00003076 _____ () C:\WINDOWS\PFRO.log
2015-05-14 18:56 - 2015-05-14 18:56 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-14 18:41 - 2015-05-14 18:56 - 00251154 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-14 16:38 - 2015-05-14 16:38 - 00050432 _____ () C:\Users\User\Desktop\FRST.txt.rar
2015-05-14 16:33 - 2015-05-14 16:33 - 00005489 _____ () C:\Users\User\Desktop\Addition.rar
2015-05-14 15:50 - 2015-05-14 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher (2).exe
Folder: C:\Users\User\AppData\Roaming\Microsoft\Networking
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Bloody2 => value deleted successfully.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1fa54654-f4eb-11e4-bee0-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{1fa54654-f4eb-11e4-bee0-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2701de5f-810b-11e4-bebc-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{2701de5f-810b-11e4-bebc-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69c08115-d19c-11e4-bed5-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{69c08115-d19c-11e4-bed5-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8223abc3-e9a5-11e4-bede-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{8223abc3-e9a5-11e4-bede-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989f9f80-bc54-11e3-be8e-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{989f9f80-bc54-11e3-be8e-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e11e440e-6abd-11e4-beb7-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{e11e440e-6abd-11e4-beb7-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e11e443a-6abd-11e4-beb7-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{e11e443a-6abd-11e4-beb7-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb11042e-79b7-11e4-beb8-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{eb11042e-79b7-11e4-beb8-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e944e-8ed4-11e4-bec0-681729f6c827}" => Key deleted successfully.
HKCR\CLSID\{ed8e944e-8ed4-11e4-bec0-681729f6c827} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e946a-8ed4-11e4-bec0-681729f6c827}" => Key deleted successfully.
HKCR\CLSID\{ed8e946a-8ed4-11e4-bec0-681729f6c827} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e9525-8ed4-11e4-bec0-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{ed8e9525-8ed4-11e4-bec0-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e957a-8ed4-11e4-bec0-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{ed8e957a-8ed4-11e4-bec0-28d244201997} => Key not found.
C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe not found.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Program Files (x86)\ESET => Moved successfully.
"C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe" => File/Directory not found.
"C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe" => File/Directory not found.
C:\Users\User\AppData\Roaming\Microsoft\Networking\winnet32b.exe => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Networking\inet32upd.exe => Moved successfully.
"C:\Users\User\Desktop\FRST.txt.txt" => File/Directory not found.
"C:\Users\User\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\Users\User\Desktop\LM.bat" => File/Directory not found.
C:\Users\User\Desktop\zoek.txt => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\User\Desktop\zoek.exe => Moved successfully.
C:\Users\User\Desktop\AdwCleaner.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\User\Desktop\adwcleaner_4.204.exe => Moved successfully.
C:\WINDOWS\setupact.log => Moved successfully.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\WINDOWS\setuperr.log => Moved successfully.
Could not move "C:\WINDOWS\WindowsUpdate.log" => Scheduled to move on reboot.
"C:\Users\User\Desktop\FRST.txt.rar" => File/Directory not found.
"C:\Users\User\Desktop\Addition.rar" => File/Directory not found.
"C:\Users\User\Desktop\FRSTLauncher (2).exe" => File/Directory not found.
========================= Folder: C:\Users\User\AppData\Roaming\Microsoft\Networking ========================
2015-05-14 15:23 - 2015-05-14 15:23 - 0626176 _____ (The cURL library, http://curl.haxx.se/) C:\Users\User\AppData\Roaming\Microsoft\Networking\libcurl.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 1704448 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\User\AppData\Roaming\Microsoft\Networking\libeay32.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0112142 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0279955 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0148760 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0963232 _____ (Microsoft Corporation) C:\Users\User\AppData\Roaming\Microsoft\Networking\msvcr120.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0119704 _____ (Open Source Software community LGPL) C:\Users\User\AppData\Roaming\Microsoft\Networking\pthreadGC2.dll
2015-05-14 19:02 - 2015-05-14 19:02 - 0021201 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\skein.cl
2015-05-14 19:02 - 2015-05-14 19:02 - 0672120 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\skeinGeForce GT 750Mgv1w256l4.bin
2015-05-14 15:23 - 2015-05-14 15:23 - 0364544 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\User\AppData\Roaming\Microsoft\Networking\ssleay32.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0131598 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\zlib1.dll
====== End of Folder: ======
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 1 GB temporary data.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-15 21:17:20)<=
C:\WINDOWS\WindowsUpdate.log => Moved successfully.
==== End of Fixlog 21:17:20 ====
Ran by JustJust at 2015-05-15 21:16:10 Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: JustJust (Available profiles: JustJust)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18910208 2015-04-15] ()
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {1fa54654-f4eb-11e4-bee0-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {2701de5f-810b-11e4-bebc-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {69c08115-d19c-11e4-bed5-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {8223abc3-e9a5-11e4-bede-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {989f9f80-bc54-11e3-be8e-681729f6c82b} - "E:\Startme.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {e11e440e-6abd-11e4-beb7-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {e11e443a-6abd-11e4-beb7-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {eb11042e-79b7-11e4-beb8-681729f6c82b} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e944e-8ed4-11e4-bec0-681729f6c827} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e946a-8ed4-11e4-bec0-681729f6c827} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e9525-8ed4-11e4-bec0-28d244201997} - "E:\Autorun.exe"
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\...\MountPoints2: {ed8e957a-8ed4-11e4-bec0-28d244201997} - "E:\Autorun.exe"
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-14] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-14] ()
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files (x86)\ESET
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
C:\Users\User\AppData\Roaming\Microsoft\Networking\winnet32b.exe
C:\Users\User\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-05-14 19:46 - 2015-05-14 19:46 - 00021916 _____ () C:\Users\User\Desktop\FRST.txt.txt
2015-05-14 19:45 - 2015-05-14 19:45 - 00029696 _____ () C:\Users\User\AppData\Local\MSGBOX.EXE
2015-05-14 19:45 - 2015-05-14 19:45 - 00015327 _____ () C:\Users\User\Desktop\LM.bat
2015-05-14 19:33 - 2015-05-14 19:33 - 00009186 _____ () C:\Users\User\Desktop\zoek.txt
2015-05-14 19:31 - 2015-05-14 19:12 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-14 19:13 - 2015-05-14 19:32 - 00009186 _____ () C:\zoek-results.log
2015-05-14 19:12 - 2015-05-14 19:30 - 00000000 ____D () C:\zoek_backup
2015-05-14 19:11 - 2015-05-14 19:12 - 01308672 _____ () C:\Users\User\Desktop\zoek.exe
2015-05-14 19:11 - 2015-05-14 19:11 - 00006545 _____ () C:\Users\User\Desktop\AdwCleaner.txt
2015-05-14 19:04 - 2015-05-14 19:05 - 00000000 ____D () C:\AdwCleaner
2015-05-14 18:59 - 2015-05-14 19:00 - 02209792 _____ () C:\Users\User\Desktop\adwcleaner_4.204.exe
2015-05-14 18:56 - 2015-05-14 19:45 - 00001155 _____ () C:\WINDOWS\setupact.log
2015-05-14 18:56 - 2015-05-14 19:32 - 00003076 _____ () C:\WINDOWS\PFRO.log
2015-05-14 18:56 - 2015-05-14 18:56 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-14 18:41 - 2015-05-14 18:56 - 00251154 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-14 16:38 - 2015-05-14 16:38 - 00050432 _____ () C:\Users\User\Desktop\FRST.txt.rar
2015-05-14 16:33 - 2015-05-14 16:33 - 00005489 _____ () C:\Users\User\Desktop\Addition.rar
2015-05-14 15:50 - 2015-05-14 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher (2).exe
Folder: C:\Users\User\AppData\Roaming\Microsoft\Networking
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Bloody2 => value deleted successfully.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1fa54654-f4eb-11e4-bee0-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{1fa54654-f4eb-11e4-bee0-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2701de5f-810b-11e4-bebc-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{2701de5f-810b-11e4-bebc-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69c08115-d19c-11e4-bed5-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{69c08115-d19c-11e4-bed5-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8223abc3-e9a5-11e4-bede-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{8223abc3-e9a5-11e4-bede-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989f9f80-bc54-11e3-be8e-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{989f9f80-bc54-11e3-be8e-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e11e440e-6abd-11e4-beb7-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{e11e440e-6abd-11e4-beb7-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e11e443a-6abd-11e4-beb7-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{e11e443a-6abd-11e4-beb7-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb11042e-79b7-11e4-beb8-681729f6c82b}" => Key deleted successfully.
HKCR\CLSID\{eb11042e-79b7-11e4-beb8-681729f6c82b} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e944e-8ed4-11e4-bec0-681729f6c827}" => Key deleted successfully.
HKCR\CLSID\{ed8e944e-8ed4-11e4-bec0-681729f6c827} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e946a-8ed4-11e4-bec0-681729f6c827}" => Key deleted successfully.
HKCR\CLSID\{ed8e946a-8ed4-11e4-bec0-681729f6c827} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e9525-8ed4-11e4-bec0-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{ed8e9525-8ed4-11e4-bec0-28d244201997} => Key not found.
"HKU\S-1-5-21-2321953528-1959365525-2877629586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8e957a-8ed4-11e4-bec0-28d244201997}" => Key deleted successfully.
HKCR\CLSID\{ed8e957a-8ed4-11e4-bec0-28d244201997} => Key not found.
C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe not found.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Program Files (x86)\ESET => Moved successfully.
"C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe" => File/Directory not found.
"C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe" => File/Directory not found.
C:\Users\User\AppData\Roaming\Microsoft\Networking\winnet32b.exe => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Networking\inet32upd.exe => Moved successfully.
"C:\Users\User\Desktop\FRST.txt.txt" => File/Directory not found.
"C:\Users\User\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\Users\User\Desktop\LM.bat" => File/Directory not found.
C:\Users\User\Desktop\zoek.txt => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\User\Desktop\zoek.exe => Moved successfully.
C:\Users\User\Desktop\AdwCleaner.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\User\Desktop\adwcleaner_4.204.exe => Moved successfully.
C:\WINDOWS\setupact.log => Moved successfully.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\WINDOWS\setuperr.log => Moved successfully.
Could not move "C:\WINDOWS\WindowsUpdate.log" => Scheduled to move on reboot.
"C:\Users\User\Desktop\FRST.txt.rar" => File/Directory not found.
"C:\Users\User\Desktop\Addition.rar" => File/Directory not found.
"C:\Users\User\Desktop\FRSTLauncher (2).exe" => File/Directory not found.
========================= Folder: C:\Users\User\AppData\Roaming\Microsoft\Networking ========================
2015-05-14 15:23 - 2015-05-14 15:23 - 0626176 _____ (The cURL library, http://curl.haxx.se/) C:\Users\User\AppData\Roaming\Microsoft\Networking\libcurl.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 1704448 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\User\AppData\Roaming\Microsoft\Networking\libeay32.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0112142 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0279955 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0148760 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0963232 _____ (Microsoft Corporation) C:\Users\User\AppData\Roaming\Microsoft\Networking\msvcr120.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0119704 _____ (Open Source Software community LGPL) C:\Users\User\AppData\Roaming\Microsoft\Networking\pthreadGC2.dll
2015-05-14 19:02 - 2015-05-14 19:02 - 0021201 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\skein.cl
2015-05-14 19:02 - 2015-05-14 19:02 - 0672120 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\skeinGeForce GT 750Mgv1w256l4.bin
2015-05-14 15:23 - 2015-05-14 15:23 - 0364544 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\User\AppData\Roaming\Microsoft\Networking\ssleay32.dll
2015-05-14 15:23 - 2015-05-14 15:23 - 0131598 _____ () C:\Users\User\AppData\Roaming\Microsoft\Networking\zlib1.dll
====== End of Folder: ======
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 1 GB temporary data.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-15 21:17:20)<=
C:\WINDOWS\WindowsUpdate.log => Moved successfully.
==== End of Fixlog 21:17:20 ====
Re: winnet32b, inet32upd
Stahnete Host permissions http://www.bleepingcomputer.com/download/hosts-permbat/
- Ulozte na plochu a spustte
- Probehne oprava, objevi se hlaska o uspesne resetu prav k hosts souboru
- Stisknete libovolnou klavesu k ukonceni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: winnet32b, inet32upd
Hotovo, děkuji problémové soubory už nemůžu najít, ale ani mi nenajedou aplikace Lenovo. Jinak můžu se zeptat zda se jednalo o miner nebo co to mohlo být ?
Re: winnet32b, inet32upd
Jake aplikace Lenovo nefunguji?? Zkuste je stahnout z webu vyrobce a znovu nainstalovat
BCM tam nebyl, spise jen hodne reklamniho SW
BCM tam nebyl, spise jen hodne reklamniho SW
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?