VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

otevirani stranky http://kb-ribaki.org/

https://forum.viry.cz:443/viewtopic.php?t=149304

Stránka 2 z 2

Re: otevirani stranky http://kb-ribaki.org/

Napsal: 27 čer 2016 13:02
od RockyParsley97CZ
Mám stejný problém.

Re: otevirani stranky http://kb-ribaki.org/

Napsal: 27 čer 2016 17:10
od Rudy
2RockyParsley97CZ: Založte si, prosím, vlastní topic. Pokračujte takto, jestli si chcete vykoledovat ban.

2Jan Choc: Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2013-11-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-3827235849-3457186460-974332170-1000\...\MountPoints2: {4f360db6-49ef-11e3-b619-50e5495778ae} - H:\setup.exe
SearchScopes: HKU\S-1-5-21-3827235849-3457186460-974332170-1000 -> {906BA3FE-B9FD-4eea-B175-E45D01758A7B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKU\S-1-5-21-3827235849-3457186460-974332170-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-3827235849-3457186460-974332170-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 BRDriver64; no ImagePath
c:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab09ae507fbe.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ec357be829.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08e71b9732019.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1ac8a089453.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd1bcb38c43.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04038a47842d8.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04038a45c5600.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8b58b35ac8a0.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef3244c56b1c.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd1bc95f1b4.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab09ae2bb924.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15ec3554b086.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12eaf8b10f77d.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e1ac89e29535.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08e71b955ac9b.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\C__Users_Damian_AppData_Local_Temp_Rar$EXa0.271_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\D__Torrent_Hide IP Easy 5.3.1.2+Crack-XenoCoder_Crack_HideIPEasy.exe
C:\Users\Damian\AppData\Local\Temp
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time) <==== ATTENTION
Popcorn Time (HKU\S-1-5-21-3827235849-3457186460-974332170-1000\...\Popcorn Time) (Version: - Popcorn Official) <==== ATTENTION
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ATTENTION
Task: {4387E21E-458C-4FA8-885E-D632C4EE50EB} - System32\Tasks\DX => hxxp://kb-ribaki.org
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Doporučuji odinstalovat AdvancedSystemCare. Tento čistič vidí problémy tam, kde nejsou a liak si jím může snadno poškodit systém.

Re: otevirani stranky http://kb-ribaki.org/

Napsal: 27 čer 2016 17:31
od Jan Choc
Dobry den, posilam log a dekuji za radu ohledne Advanced System Care.
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by Damian (2016-06-27 18:22:44) Run:1
Running from C:\Users\Damian\Desktop
Loaded Profiles: Damian (Available Profiles: Damian)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2013-11-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-3827235849-3457186460-974332170-1000\...\MountPoints2: {4f360db6-49ef-11e3-b619-50e5495778ae} - H:\setup.exe
SearchScopes: HKU\S-1-5-21-3827235849-3457186460-974332170-1000 -> {906BA3FE-B9FD-4eea-B175-E45D01758A7B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKU\S-1-5-21-3827235849-3457186460-974332170-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-3827235849-3457186460-974332170-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 BRDriver64; no ImagePath
c:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab09ae507fbe.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ec357be829.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08e71b9732019.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1ac8a089453.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd1bcb38c43.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04038a47842d8.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04038a45c5600.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8b58b35ac8a0.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef3244c56b1c.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd1bc95f1b4.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab09ae2bb924.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15ec3554b086.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12eaf8b10f77d.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e1ac89e29535.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08e71b955ac9b.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\C__Users_Damian_AppData_Local_Temp_Rar$EXa0.271_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\D__Torrent_Hide IP Easy 5.3.1.2+Crack-XenoCoder_Crack_HideIPEasy.exe
C:\Users\Damian\AppData\Local\Temp
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time) <==== ATTENTION
Popcorn Time (HKU\S-1-5-21-3827235849-3457186460-974332170-1000\...\Popcorn Time) (Version: - Popcorn Official) <==== ATTENTION
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ATTENTION
Task: {4387E21E-458C-4FA8-885E-D632C4EE50EB} - System32\Tasks\DX => hxxp://kb-ribaki.org
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-3827235849-3457186460-974332170-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f360db6-49ef-11e3-b619-50e5495778ae}" => key removed successfully
HKCR\CLSID\{4f360db6-49ef-11e3-b619-50e5495778ae} => key not found.
HKU\S-1-5-21-3827235849-3457186460-974332170-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{906BA3FE-B9FD-4eea-B175-E45D01758A7B} => key not found.
HKCR\CLSID\{906BA3FE-B9FD-4eea-B175-E45D01758A7B} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
"C:\Program Files (x86)\Skype\Toolbars" => not found.
HKU\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value not found.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => key not found.
HKU\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
HKCR\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => key not found.
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => not found.
c2cautoupdatesvc => service not found.
c2cpnrsvc => service not found.
BRDriver64 => service removed successfully
"c:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab09ae507fbe.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ec357be829.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08e71b9732019.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1ac8a089453.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd1bcb38c43.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04038a47842d8.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04038a45c5600.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8b58b35ac8a0.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef3244c56b1c.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd1bc95f1b4.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab09ae2bb924.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15ec3554b086.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12eaf8b10f77d.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e1ac89e29535.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08e71b955ac9b.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" => not found.
C:\ProgramData\C__Users_Damian_AppData_Local_Temp_Rar$EXa0.271_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe => moved successfully
C:\ProgramData\D__Torrent_Hide IP Easy 5.3.1.2+Crack-XenoCoder_Crack_HideIPEasy.exe => moved successfully

"C:\Users\Damian\AppData\Local\Temp" folder move:

Could not move "C:\Users\Damian\AppData\Local\Temp" => Scheduled to move on reboot.

Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time) <==== ATTENTION => Error: No automatic fix found for this entry.
Popcorn Time (HKU\S-1-5-21-3827235849-3457186460-974332170-1000\...\Popcorn Time) (Version: - Popcorn Official) <==== ATTENTION => Error: No automatic fix found for this entry.
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4387E21E-458C-4FA8-885E-D632C4EE50EB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4387E21E-458C-4FA8-885E-D632C4EE50EB}" => key removed successfully
C:\Windows\System32\Tasks\DX => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DX" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-27 18:24:12)

C:\Users\Damian\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:24:12 ====

Re: otevirani stranky http://kb-ribaki.org/

Napsal: 27 čer 2016 18:14
od Rudy
Smazáno. Nastala nějaká změna?

Re: otevirani stranky http://kb-ribaki.org/

Napsal: 27 čer 2016 19:30
od Jan Choc
Vypada to dobre :)

Nevim jestli to ma nejakou souvislost ale nez jsem spustil podruhe FRST smazal jsem Flash a GomPlayer u kterych jsem si vzpomel ze jsem provadel nedavno aktualizace.

Co to bylo zac?

btw co byste doporucil misto Advanced System Care?

Kazdopadne dekuji Vam mnohokrat za pomoc.

Re: otevirani stranky http://kb-ribaki.org/

Napsal: 27 čer 2016 20:29
od Rudy
Především toto:
Task: {4387E21E-458C-4FA8-885E-D632C4EE50EB} - System32\Tasks\DX => hxxp://kb-ribaki.org
Měl by to být plánovač toho šmejdu.

Ostatní jsou také AdWary, ale jiného druhu. Místo ASC doporučuji CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478 .

Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz