Zavirovaný PC- prosím o pomoc

[monika.cechurova]

ÔªøFix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-12-2014

Ran by Monika at 2014-12-08 21:59:14 Run:1

Running from C:\Users\Monika\Desktop

Loaded Profile: Monika (Available profiles: Monika)

Boot Mode: Normal

==============================================



Content of fixlist:

*****************

Start

CloseProcesses:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [UsageTemp] => "C:\Users\Monika\AppData\Local\Temp\UsageTemp.exe"

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)

HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()

HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\...\MountPoints2: {f05e7a59-c55c-11e2-be72-806e6f6e6963} - "E:\autorun.exe"



SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

FF Plugin HKU\S-1-5-21-2702503296-2993323403-2491266693-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path



U4 BthAvrcpTg; No ImagePath

U4 BthHFEnum; No ImagePath

U4 bthhfhid; No ImagePath

2014-12-08 20:59 - 2014-12-08 20:59 - 00029696 _____ () C:\Users\Monika\AppData\Local\MSGBOX.EXE

2014-12-08 20:59 - 2014-12-08 20:59 - 00015327 _____ () C:\Users\Monika\Desktop\LM.bat

2014-12-08 20:58 - 2014-12-08 20:59 - 00112640 _____ (forum.viry.cz) C:\Users\Monika\Downloads\FRSTLauncher (2).exe

2014-12-08 20:58 - 2014-12-08 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Monika\Downloads\Nepotvrzeno 66318.crdownload

2014-12-08 20:58 - 2014-12-08 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Monika\Downloads\Nepotvrzeno 268360.crdownload

2014-12-08 20:57 - 2014-12-08 20:57 - 02119680 _____ (Farbar) C:\Users\Monika\Downloads\FRST64 (1).exe

2014-12-07 19:28 - 2014-12-07 19:28 - 01555808 _____ () C:\Users\Monika\Desktop\zoek-results.log

2014-12-07 19:23 - 2014-12-07 19:23 - 01555808 _____ () C:\Users\Monika\Desktop\zoek-results.txt

2014-12-07 19:18 - 2014-12-07 16:44 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe

2014-12-07 16:45 - 2014-12-07 19:20 - 01555808 _____ () C:\zoek-results.log

2014-12-07 16:44 - 2014-12-07 19:17 - 00000000 ____D () C:\zoek_backup

2014-12-07 16:44 - 2014-12-07 16:44 - 01295360 _____ () C:\Users\Monika\Downloads\zoek (1).exe

2014-12-07 16:43 - 2014-12-07 16:43 - 01295360 _____ () C:\Users\Monika\Downloads\zoek.exe

2014-12-07 11:20 - 2014-12-07 11:26 - 00000000 ____D () C:\AdwCleaner

2014-12-07 11:20 - 2014-12-07 11:20 - 02153472 _____ () C:\Users\Monika\Downloads\adwcleaner_4.104.exe

2014-12-07 11:20 - 2014-12-07 11:20 - 00000055 _____ () C:\AdwCleanerDebug.txt

2014-12-02 20:18 - 2014-12-02 20:22 - 00000000 ____D () C:\Program Files\trend micro

2014-12-02 20:18 - 2014-12-02 20:18 - 00000000 ____D () C:\rsit

2014-12-02 20:17 - 2014-12-02 20:18 - 01222144 _____ () C:\Users\Monika\Downloads\RSITx64.exe

2014-11-19 20:06 - 2014-12-07 11:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-11-19 20:06 - 2014-12-07 11:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-11-19 20:06 - 2014-11-19 20:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking

2014-11-19 20:04 - 2014-11-19 20:05 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Monika\Downloads\spybot-2.4.exe



Task: {556EE271-1D92-4833-9293-1C7B4AC5B148} - \Only-search Updater No Task File <==== ATTENTION

Task: {74F957CB-D0C5-4004-A7F9-80502F1263C7} - \DTReg No Task File <==== ATTENTION

Task: {80534B3F-2FF0-47AF-87AE-C10CB44CC55E} - \RegClean Pro No Task File <==== ATTENTION

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:373E1720

AlternateDataStreams: C:\ProgramData\Temp:49B217F7

AlternateDataStreams: C:\ProgramData\Temp:4A966CC2

Hosts:

EmptyTemp:

End

*****************



Processes closed successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UsageTemp => value deleted successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.

HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.

HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.

"HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f05e7a59-c55c-11e2-be72-806e6f6e6963}" => Key deleted successfully.

"HKCR\CLSID\{f05e7a59-c55c-11e2-be72-806e6f6e6963}" => Key not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

"HKU\S-1-5-21-2702503296-2993323403-2491266693-1001\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully.

C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found.

"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.

BthAvrcpTg => Service deleted successfully.

BthHFEnum => Service deleted successfully.

bthhfhid => Service deleted successfully.

C:\Users\Monika\AppData\Local\MSGBOX.EXE => Moved successfully.

C:\Users\Monika\Desktop\LM.bat => Moved successfully.

C:\Users\Monika\Downloads\FRSTLauncher (2).exe => Moved successfully.

C:\Users\Monika\Downloads\Nepotvrzeno 66318.crdownload => Moved successfully.

C:\Users\Monika\Downloads\Nepotvrzeno 268360.crdownload => Moved successfully.

C:\Users\Monika\Downloads\FRST64 (1).exe => Moved successfully.

C:\Users\Monika\Desktop\zoek-results.log => Moved successfully.

C:\Users\Monika\Desktop\zoek-results.txt => Moved successfully.

C:\WINDOWS\zoek-delete.exe => Moved successfully.

C:\zoek-results.log => Moved successfully.

C:\zoek_backup => Moved successfully.

C:\Users\Monika\Downloads\zoek (1).exe => Moved successfully.

C:\Users\Monika\Downloads\zoek.exe => Moved successfully.

C:\AdwCleaner => Moved successfully.

C:\Users\Monika\Downloads\adwcleaner_4.104.exe => Moved successfully.

C:\AdwCleanerDebug.txt => Moved successfully.

C:\Program Files\trend micro => Moved successfully.

C:\rsit => Moved successfully.

C:\Users\Monika\Downloads\RSITx64.exe => Moved successfully.

C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.

C:\ProgramData\Spybot - Search & Destroy => Moved successfully.

C:\WINDOWS\System32\Tasks\Safer-Networking => Moved successfully.

C:\Users\Monika\Downloads\spybot-2.4.exe => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{556EE271-1D92-4833-9293-1C7B4AC5B148}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{556EE271-1D92-4833-9293-1C7B4AC5B148}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Only-search Updater" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74F957CB-D0C5-4004-A7F9-80502F1263C7}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74F957CB-D0C5-4004-A7F9-80502F1263C7}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg" => Key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{80534B3F-2FF0-47AF-87AE-C10CB44CC55E}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80534B3F-2FF0-47AF-87AE-C10CB44CC55E}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro" => Key not found.

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

C:\ProgramData\Temp => ":373E1720" ADS removed successfully.

C:\ProgramData\Temp => ":49B217F7" ADS removed successfully.

C:\ProgramData\Temp => ":4A966CC2" ADS removed successfully.

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.

Hosts was reset successfully.

EmptyTemp: => Removed 63.4 MB temporary data.





The system needed a reboot.



==== End of Fixlog ====

[altrok]

Vyborne, ted by pocitac mel byt bez viru! Norton jeste neco hlasi? A co UPC a hlaseni o spamu? Pripadne zacneme zametat po pouzitych nastrojich

[monika.cechurova]

Dobrý večer,

bohužel Norton našel vir- TrojanGen2, byl ve složce FRST

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

Timto se smazaly pouzivane utility (i slozka FRST), takze by ani Norton nic hlasit nemel

[monika.cechurova]

Dobrý večer,

Norton již nic nehlásí, děkuji za pomoc.

[altrok]

Nemate zac, rad jsem pomohl


Preju prijemny zbytek adventniho vecera