VIRY.CZ

Zdravím,

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.04.30.02
rootkit: v2016.04.17.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Ladislav :: LADISLAV-HP [administrator]

30.4.2016 10:18:10
mbar-log-2016-04-30 (10-18-10).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 354868
Time elapsed: 27 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf78152-5996-11e1-86ed-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\start.exe
Startup: C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-04-15]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe (No File)
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
2016-04-15 14:32 - 2016-04-26 10:54 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-04-15 14:32 - 2016-04-15 14:32 - 00001823 _____ C:\Users\Ladislav\Desktop\MyPC Backup.lnk
File: C:\Windows\system32\Ikeext.etl
2016-03-31 19:16 - 2016-04-27 19:58 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-03-31 19:16 - 2016-03-31 19:16 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\ImperiaOnline
2016-03-31 19:14 - 2016-03-31 19:14 - 05096956 _____ C:\Users\Ladislav\Downloads\Lego.Star.Wars.Iii.The.Clone.W.keygen.exe.zip
Folder: C:\ProgramData\PDFC
Task: {3DBFBAAF-815F-4C4B-83C8-167FC10EDF12} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
EmptyTemp:
End

VIRY.CZ

Nežádoucí programy v PC

Re: Nežádoucí programy v PC

Re: Nežádoucí programy v PC