
log RogueKiller

Posted: 23 Jun 2014 16:02
by frantkurina
Good day,
I ran RogueKiller on my PC and it found this.
Can anyone advise me whether I can delete it?

RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : františek [Práva správce]
Mód : Kontrola -- Datum : 06/23/2014 16:51:32

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.16.2.222 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.16.2.222 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A79D757C-DDED-4C37-A8CF-2F7BF90433FE} | DhcpNameServer : 172.16.2.222 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A79D757C-DDED-4C37-A8CF-2F7BF90433FE} | DhcpNameServer : 172.16.2.222 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 2 ¤¤¤
[Suspicious.Path] ASC7_SkipUac_františek.job -- D:\advanced system care portable\ASC.exe (/SkipUac) -> NALEZENO
[Suspicious.Path] \\ASC7_SkipUac_františek -- D:\advanced system care portable\ASC.exe (/SkipUac) -> NALEZENO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 11 ¤¤¤
[IAT:Addr] (explorer.exe) GDI32.dll - DeleteDC : Unknown @ 0x7ffdfaf30000
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - CscNetApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc1530
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - CscSearchApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc3cb8
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - OfflineFilesEnable : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc6fa0
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - OfflineFilesGetShareCachingMode : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc7434
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - OfflineFilesQueryStatus : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc2f50
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - OfflineFilesQueryStatusEx : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc2d50
[EAT:Addr] (explorer.exe) Windows.Security.Authentication.OnlineId.dll - OfflineFilesStart : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ffdeddc74f0
[IAT:Addr] (explorer.exe) GDI32.dll - DeleteDC : Unknown @ 0x7ffdfaf30000
[EAT:Addr] (explorer.exe) LibFrame.dll - MessageBoxExW : C:\Program Files (x86)\EgisTec Shredder\x64\FrameUtility.dll @ 0x32a0b50
[EAT:Addr] (explorer.exe) LibFrame.dll - MessageBoxW : C:\Program Files (x86)\EgisTec Shredder\x64\FrameUtility.dll @ 0x32a0bd0

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 066f10fed3f75f593eaa695f311f9e67
[BSP] 25e792008cfd462a7f658d5ed86abf9a : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

Thank you, Franta

Re: log RogueKiller

Posted: 24 Jun 2014 09:50
by JaRon
Hi
[Suspicious.Path] ASC7_SkipUac_františek.job -- D:\advanced system care portable\ASC.exe (/SkipUac) -> NALEZENO
[Suspicious.Path] \\ASC7_SkipUac_františek -- D:\advanced system care portable\ASC.exe (/SkipUac) -> NALEZENO

Above all, uninstall ASC and NEVER put it on any computer again :!:
+
scan the PC with MBAM + MBAR >> and things will be clearer :)

Re: log RogueKiller

Posted: 24 Jun 2014 17:31
by frantkurina
I did everything and it all seems OK - thanks

Re: log RogueKiller

Posted: 25 Jun 2014 06:21
by JaRon
You're welcome :thumbsup: