VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Problém s virem Kryptik.EK

https://forum.viry.cz:443/viewtopic.php?t=149560

Stránka 1 z 1

Problém s virem Kryptik.EK

Napsal: 25 črc 2016 19:37
od Kaabe
Zdravím, potřeboval bych pomoct s tímto příšerným virem. O víkendu jsem si přeinstaloval Windows abych se ujistil že vir mi běhá po USB flash diskách i na externím disku . Už nějakou dobu zjišťuji že mé flash disky mají problém s otevřením a přesouváním souborů. Je to týden co jsem potřeboval něco vytisknout a musel jsem zajít do copy centra, kde jsem dostal vyhubováno a poděkování za vir po připojení do pc .. :/ Již v pátek jsem použil Eset online scanner k zjištění viru v pc našel jsem pouze 2x Kryptik.EK jako dnes .
C:\Users\Pc\AppData\Local\Temp\SetupNO.vbs VBS/Kryptik.EK trojský kůň vyléčen smazáním (po nejbližším restartu)
C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetupNO.vbs VBS/Kryptik.EK trojský kůň vyléčen smazáním

Včera jsem si potřeboval něco hodit na externí disk a od té doby mi blbne net nejde mi otevřít stránka musím ji třeba 2x obnovit někdy ani to nepomůže s tímto mám problém již asi 2 týden proto jsem byl i nucen přeinstalovat pc . Dnes opět mám problém se někam dostat . Teď jsem akorát Esetem dokončil kontrolu a smazal viry .

Nemám vůbec žádné zkušenosti z odvirováním flash a ex. disku a vůbec třeba se mýlím a problém bude někde jinde což asi nepředpokládám . Předem všem děkuji za odpovědi !

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18015
Run by Pc at 20:41:44 on 2016-07-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2642 [GMT 2:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\uTorrent\nssm.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\uTorrent\utorrent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\wscript.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
uRun: [SetupNO] wscript.exe //B "C:\Users\Pc\AppData\Local\Temp\SetupNO.vbs"
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
StartupFolder: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetupNO.vbs
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
TCP: NameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{9FBC157C-E0C8-4834-9A0F-6AE5301AF850} : DHCPNameServer = 213.46.172.36 213.46.172.37
SSODL: WebCheck - <orphaned>
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2016-7-8 306688]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-5 188072]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2016-7-17 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2016-7-17 130880]
R2 uTorrent Server;uTorrent Server;C:\uTorrent\nssm.exe [2016-7-17 108032]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2016-3-30 96256]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2015-8-13 50392]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2015-8-13 201432]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2015-8-13 44232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-9-16 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-9-16 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2015-9-16 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-9-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-9-16 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2016-07-25 18:07:45 29696 ----a-w- C:\Users\Pc\AppData\Local\MSGBOX.EXE
2016-07-24 08:51:34 -------- d-----w- C:\Program Files (x86)\ESET
2016-07-22 16:05:32 -------- d-----w- C:\Windows\pss
2016-07-22 14:25:26 -------- d-----w- C:\ProgramData\Protexis64
2016-07-22 13:56:43 -------- d-----w- C:\Users\Pc\AppData\Local\Microsoft Help
2016-07-22 13:52:11 -------- d-----w- C:\ProgramData\CorelDRAW Graphics Suite X6
2016-07-22 12:12:27 -------- d-----w- C:\Users\Pc\AppData\Local\Mozilla
2016-07-21 17:43:46 -------- d-----w- C:\Users\Pc\AppData\Local\Diagnostics
2016-07-19 17:02:07 -------- d-----w- C:\Users\Pc\AppData\Local\bunkus.org
2016-07-19 17:01:36 -------- d-----w- C:\Program Files (x86)\MKVToolNix
2016-07-19 12:42:59 -------- d-----w- C:\ProgramData\Visan
2016-07-19 12:42:59 -------- d-----w- C:\ProgramData\HP Photo Creations
2016-07-19 12:42:59 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2016-07-19 12:42:55 -------- d-----w- C:\Users\Pc\AppData\Roaming\HpUpdate
2016-07-19 12:42:32 -------- d-----w- C:\Program Files\HP
2016-07-19 12:42:32 -------- d-----w- C:\Program Files (x86)\HP
2016-07-19 12:41:52 -------- d-----w- C:\Users\Pc\AppData\Local\HP
2016-07-17 19:33:14 -------- d-----w- C:\Users\Pc\AppData\Roaming\LolClient
2016-07-17 19:07:30 -------- d-----w- C:\ProgramData\Riot Games
2016-07-17 19:07:05 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2016-07-17 19:07:05 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2016-07-17 19:07:04 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2016-07-17 19:06:22 -------- d-----w- C:\Riot Games
2016-07-17 19:02:58 -------- d-----w- C:\Users\Pc\AppData\Roaming\Riot Games
2016-07-17 18:57:45 -------- d-----w- C:\Users\Pc\AppData\Roaming\uTorrent
2016-07-17 08:59:50 -------- d-----w- C:\uTorrent
2016-07-17 08:25:22 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2016-07-17 08:25:21 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2016-07-17 08:24:13 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2016-07-17 08:24:13 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2016-07-17 08:21:28 -------- d-----w- C:\Users\Pc\AppData\Local\Steam
2016-07-17 08:21:28 -------- d-----w- C:\Users\Pc\AppData\Local\CEF
2016-07-17 08:20:02 -------- d-----w- C:\Program Files (x86)\Steam
2016-07-17 08:20:02 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2016-07-17 08:12:56 130880 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
2016-07-17 08:12:45 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2016-07-17 08:09:59 0 ----a-w- C:\Windows\ativpsrm.bin
2016-07-17 08:07:14 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2016-07-17 08:07:12 -------- d-----w- C:\Users\Pc\AppData\Local\AMD
2016-07-17 08:06:59 -------- d-----w- C:\Program Files (x86)\AMD
2016-07-17 08:06:17 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2016-07-17 08:04:40 -------- d-----w- C:\ProgramData\Package Cache
2016-07-17 08:04:26 -------- d-----w- C:\Users\Pc\AppData\Local\Razer
2016-07-17 08:03:21 -------- d-----w- C:\Users\Pc\AppData\Roaming\TS3Client
2016-07-17 08:03:08 -------- d-----w- C:\Program Files (x86)\VideoLAN
2016-07-17 08:02:53 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2016-07-17 07:59:03 -------- d-----w- C:\Program Files\AMD
2016-07-17 07:56:41 -------- d-----w- C:\AMD
2016-07-17 07:56:00 -------- d-sh--w- C:\Windows\Installer
2016-07-17 07:51:31 -------- d-----w- C:\Users\Pc\AppData\Local\Google
2016-07-17 07:50:39 -------- d-----w- C:\Users\Pc\AppData\Local\Apps
2016-07-17 07:50:38 -------- d-----w- C:\Users\Pc\AppData\Local\Deployment
2016-07-17 07:42:46 -------- d-----w- C:\1b9cc0824b2747d17d6731ef
2016-07-17 07:42:43 364218 ----a-w- C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetupNO.vbs
2016-07-17 07:42:41 -------- d-----w- C:\Windows\Panther
2016-07-17 07:42:27 -------- d-sh--w- C:\Boot
2016-07-17 07:40:47 -------- d-----w- C:\Users\Pc\AppData\Local\VirtualStore
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Plocha
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Oblíbené položky
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Šablony
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Nabídka Start
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Dokumenty
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Data aplikací
2016-07-17 06:50:59 -------- d-sh--w- C:\Recovery
2016-07-08 19:37:02 141280 ----a-w- C:\Windows\System32\amdave64.dll
2016-07-08 19:37:00 122704 ----a-w- C:\Windows\SysWow64\amdave32.dll
2016-07-08 19:35:58 8865344 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2016-07-08 19:35:50 7000520 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2016-07-08 19:35:42 9798560 ----a-w- C:\Windows\System32\atiumd6a.dll
2016-07-08 19:35:38 8577456 ----a-w- C:\Windows\System32\atiumd64.dll
2016-07-08 19:33:10 305032 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2016-07-08 19:29:40 27004928 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2016-07-08 19:23:42 252928 ----a-w- C:\Windows\System32\clinfo.exe
2016-07-08 19:23:36 48616960 ----a-w- C:\Windows\System32\amdocl64.dll
2016-07-08 19:22:38 38099456 ----a-w- C:\Windows\SysWow64\amdocl.dll
2016-07-08 19:21:44 96256 ----a-w- C:\Windows\System32\OpenCL.dll
2016-07-08 19:21:44 87040 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2016-07-08 19:21:22 8815104 ----a-w- C:\Windows\System32\amdvlk64.dll
2016-07-08 19:19:58 27433472 ----a-w- C:\Windows\System32\amdocl12cl64.dll
2016-07-08 19:19:50 21600768 ----a-w- C:\Windows\SysWow64\amdocl12cl.dll
2016-07-08 19:17:04 7072768 ----a-w- C:\Windows\SysWow64\amdvlk32.dll
2016-07-08 19:03:50 30219776 ----a-w- C:\Windows\System32\atio6axx.dll
2016-07-08 19:02:40 732160 ----a-w- C:\Windows\System32\amdlvr64.dll
2016-07-08 19:02:26 607744 ----a-w- C:\Windows\SysWow64\amdlvr32.dll
2016-07-08 19:02:12 142336 ----a-w- C:\Windows\System32\mantle64.dll
2016-07-08 19:02:08 117760 ----a-w- C:\Windows\SysWow64\mantle32.dll
2016-07-08 19:02:02 6965248 ----a-w- C:\Windows\System32\amdmantle64.dll
2016-07-08 19:00:40 865280 ----a-w- C:\Windows\System32\coinst_16.20.dll
2016-07-08 18:58:56 385536 ----a-w- C:\Windows\System32\atiapfxx.exe
2016-07-08 18:58:50 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2016-07-08 18:58:48 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2016-07-08 18:58:40 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2016-07-08 18:58:38 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2016-07-08 18:58:26 15711744 ----a-w- C:\Windows\System32\aticaldd64.dll
2016-07-08 18:58:20 5643776 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2016-07-08 18:57:32 14302720 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2016-07-08 18:57:00 50688 ----a-w- C:\Windows\System32\amdmmcl6.dll
2016-07-08 18:57:00 38400 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2016-07-08 18:55:48 24836096 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2016-07-08 18:55:20 113152 ----a-w- C:\Windows\System32\mantleaxl64.dll
2016-07-08 18:55:18 92160 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2016-07-08 18:52:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2016-07-08 18:52:14 274432 ----a-w- C:\Windows\System32\dgtrayicon.exe
2016-07-08 18:52:08 258560 ----a-w- C:\Windows\System32\GameManager64.dll
2016-07-08 18:52:06 223744 ----a-w- C:\Windows\SysWow64\GameManager32.dll
2016-07-08 18:52:02 212480 ----a-w- C:\Windows\System32\atieah64.exe
2016-07-08 18:52:00 190464 ----a-w- C:\Windows\SysWow64\atieah32.exe
2016-07-08 18:51:56 230912 ----a-w- C:\Windows\System32\amdgfxinfo64.dll
2016-07-08 18:51:54 202752 ----a-w- C:\Windows\SysWow64\amdgfxinfo32.dll
2016-07-08 18:51:50 93696 ----a-w- C:\Windows\System32\atimuixx.dll
2016-07-08 18:51:46 588288 ----a-w- C:\Windows\System32\atieclxx.exe
2016-07-08 18:51:34 306688 ----a-w- C:\Windows\System32\atiesrxx.exe
2016-07-08 18:51:02 270336 ----a-w- C:\Windows\System32\atitmm64.dll
2016-07-08 18:47:30 1309184 ----a-w- C:\Windows\System32\atiadlxx.dll
2016-07-08 18:47:24 976384 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2016-07-08 18:47:24 976384 ----a-w- C:\Windows\SysWow64\atiadlxx.dll
2016-07-08 18:47:18 119808 ----a-w- C:\Windows\System32\atisamu64.dll
2016-07-08 18:47:16 101376 ----a-w- C:\Windows\SysWow64\atisamu32.dll
2016-07-08 18:47:14 106496 ----a-w- C:\Windows\System32\atig6pxx.dll
2016-07-08 18:47:12 91136 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2016-07-08 18:47:12 91136 ----a-w- C:\Windows\System32\atiglpxx.dll
2016-07-08 18:47:08 185344 ----a-w- C:\Windows\System32\atig6txx.dll
2016-07-08 18:47:06 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2016-07-08 18:47:02 159232 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2016-07-08 18:46:56 498176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2016-07-08 18:44:58 251392 ----a-w- C:\Windows\System32\hsa-thunk64.dll
2016-07-08 18:44:58 217088 ----a-w- C:\Windows\SysWow64\hsa-thunk.dll
.
==================== Find3M ====================
.
2016-06-06 08:27:50 15816 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
.
============= FINISH: 20:42:01,47 ===============

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 20:20
od Rudy
Zdravím!
S odvirováním vám pomůžeme, ale pro dekryptování je třeba přímý přístup do PC a ten nemáme právně ošetřen. Zkuste to u kolegů: https://neslape.cz/?utm_campaign=neslap ... ium=banner . Na ty flešky pu nejprve pusťte USBFix:
Stahnete a spustte http://www.fosshub.com/UsbFix.html
kliknete na Clean, vlozte nakazenou flashku do PC a kliknete na OK
pri dotazu na asistenci kliknete na No
upozorneni na ukonceni procesu - OK
obsah prave vytvoreneho logu vlozte do pristiho prispevku

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 20:28
od Kaabe
Myslím že 4 viry mi to hodily , mám ještě 2 flešky a ten externí disk
############################## | UsbFix V 8.248 | [Clean]

User: Pc (Administrator) # PC-PC
Updated 27/05/2016 by SOSVirus
Started at 21:20:29 | 25/07/2016

Website : https://www.usb-antivirus.com/
Tutorial : https://www.usb-antivirus.com/tutorial/
Support : http://www.sosvirus.org/
Live detection : http://www.sosmalware.com/usbfix/
Contact : https://www.usb-antivirus.com/contact/

################## | System information |

MB: MSI (G41M-P26 (MS-7592))
CPU: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
RAM -> [Total : 4095 Mo | Free : 3194 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 51.0.2704.106

################## | Security Information |

AS: Windows Defender [(!) Disabled |Updated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 394 Gb (313 Gb free - 79%) [] # NTFS
D:\ -> Fixed disk # 537 Gb (67 Gb free - 13%) [] # NTFS
G:\ -> Removable disk # 4 Gb (4 Gb free - 99%) [] # NTFS

################## | Generic Research |

Deleted! C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetupNO.vbs
Deleted! C:\Users\Pc\AppData\Local\Temp\SetupNO.vbs
Deleted! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|SetupNO

(!) Temporary files deleted. (126.687253952026 MB)

################## | Startup |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | C:\ %SystemDrive% - Fixed drive (NTFS) |

[25/07/2016 - 20:30:01 | ASH | 3145144 Ko] - C:\hiberfil.sys
[25/07/2016 - 20:30:03 | ASH | 4193528 Ko] - C:\pagefile.sys
[23/07/2016 - 18:03:02 | D] - C:\Config.Msi
[17/07/2016 - 09:40:49 | SHD] - C:\$Recycle.Bin
[17/07/2016 - 09:42:29 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[21/11/2010 - 05:23:51 | RASH | 375 Ko] - C:\bootmgr
[17/07/2016 - 08:51:00 | SHD] - C:\Recovery
[17/07/2016 - 08:51:06 | RD] - C:\Users
[17/07/2016 - 08:51:20 | D] - C:\b00987bab1a7624596
[17/07/2016 - 09:42:28 | SHD] - C:\Boot
[17/07/2016 - 09:42:46 | D] - C:\1b9cc0824b2747d17d6731ef
[17/07/2016 - 10:09:07 | | 411 Ko] - C:\HERYK
[17/07/2016 - 21:06:22 | D] - C:\Riot Games
[22/07/2016 - 18:05:32 | D] - C:\Windows
[23/07/2016 - 14:32:21 | HD] - C:\ProgramData
[23/07/2016 - 14:32:59 | RD] - C:\Program Files
[24/07/2016 - 10:51:34 | RD] - C:\Program Files (x86)
[25/07/2016 - 13:23:38 | D] - C:\AMD
[25/07/2016 - 21:19:27 | D] - C:\UsbFix
[25/07/2016 - 21:20:21 | D] - C:\uTorrent

################## | D:\ - Fixed drive (NTFS) |

[04/03/2016 - 13:21:45 | D] - D:\msdownld.tmp
[17/07/2016 - 09:40:49 | SHD] - D:\$RECYCLE.BIN
[09/01/2016 - 14:30:52 | D] - D:\Windows 7 3v1 x64 9.2015 cz-sk
[07/11/2015 - 13:30:31 | D] - D:\$WINDOWS.~BT
[09/08/2015 - 16:57:55 | D] - D:\Jmenuju se Earl
[27/09/2015 - 08:04:00 | D] - D:\Bratrstvo neohrožených
[01/10/2015 - 16:22:17 | D] - D:\Windows 7x86 4v1
[08/05/2016 - 09:59:52 | RD] - D:\??BE
[29/05/2016 - 15:09:42 | D] - D:\Filmy
[05/07/2016 - 16:37:12 | D] - D:\plocha
[16/07/2016 - 23:03:24 | D] - D:\Nová složka
[20/07/2016 - 13:17:11 | D] - D:\SPARTAKUS

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

Analysed in 77.87 seconds

################## | E.O.F | http://www.sosvirus.net/ | https://www.usb-antivirus.com/ |

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 20:34
od Rudy
Jj. Takto proskenujte vše externí, potom odpojte a proveďte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 20:59
od Kaabe
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18015
Run by Pc at 21:54:14 on 2016-07-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2334 [GMT 2:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
TCP: NameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{9FBC157C-E0C8-4834-9A0F-6AE5301AF850} : DHCPNameServer = 213.46.172.36 213.46.172.37
SSODL: WebCheck - <orphaned>
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-7-25 1136608]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-7-25 1514464]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-5 188072]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2016-7-17 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2016-7-17 130880]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2016-3-30 96256]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-7-25 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-7-25 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-7-25 64896]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2015-8-13 50392]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2015-8-13 201432]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2015-8-13 44232]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2016-7-8 306688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 uTorrent Server;uTorrent Server;C:\uTorrent\nssm.exe [2016-7-17 108032]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-9-16 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-9-16 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2015-9-16 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-9-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-9-16 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2016-07-25 19:42:18 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-07-25 19:41:55 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-07-25 19:41:55 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-07-25 19:41:55 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-07-25 19:41:55 -------- d-----w- C:\ProgramData\Malwarebytes
2016-07-25 19:41:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-25 19:41:45 -------- d-----w- C:\Users\Pc\AppData\Local\Programs
2016-07-25 19:19:25 -------- d-----w- C:\UsbFix
2016-07-25 18:07:45 29696 ----a-w- C:\Users\Pc\AppData\Local\MSGBOX.EXE
2016-07-24 08:51:34 -------- d-----w- C:\Program Files (x86)\ESET
2016-07-22 16:05:32 -------- d-----w- C:\Windows\pss
2016-07-22 14:25:26 -------- d-----w- C:\ProgramData\Protexis64
2016-07-22 13:56:43 -------- d-----w- C:\Users\Pc\AppData\Local\Microsoft Help
2016-07-22 13:52:11 -------- d-----w- C:\ProgramData\CorelDRAW Graphics Suite X6
2016-07-22 12:12:27 -------- d-----w- C:\Users\Pc\AppData\Local\Mozilla
2016-07-21 17:43:46 -------- d-----w- C:\Users\Pc\AppData\Local\Diagnostics
2016-07-19 17:02:07 -------- d-----w- C:\Users\Pc\AppData\Local\bunkus.org
2016-07-19 17:01:36 -------- d-----w- C:\Program Files (x86)\MKVToolNix
2016-07-19 12:42:59 -------- d-----w- C:\ProgramData\Visan
2016-07-19 12:42:59 -------- d-----w- C:\ProgramData\HP Photo Creations
2016-07-19 12:42:59 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2016-07-19 12:42:55 -------- d-----w- C:\Users\Pc\AppData\Roaming\HpUpdate
2016-07-19 12:42:32 -------- d-----w- C:\Program Files\HP
2016-07-19 12:42:32 -------- d-----w- C:\Program Files (x86)\HP
2016-07-19 12:41:52 -------- d-----w- C:\Users\Pc\AppData\Local\HP
2016-07-17 19:33:14 -------- d-----w- C:\Users\Pc\AppData\Roaming\LolClient
2016-07-17 19:07:30 -------- d-----w- C:\ProgramData\Riot Games
2016-07-17 19:07:05 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2016-07-17 19:07:05 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2016-07-17 19:07:04 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2016-07-17 19:06:22 -------- d-----w- C:\Riot Games
2016-07-17 19:02:58 -------- d-----w- C:\Users\Pc\AppData\Roaming\Riot Games
2016-07-17 18:57:45 -------- d-----w- C:\Users\Pc\AppData\Roaming\uTorrent
2016-07-17 08:59:50 -------- d-----w- C:\uTorrent
2016-07-17 08:25:22 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2016-07-17 08:25:21 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2016-07-17 08:24:13 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2016-07-17 08:24:13 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2016-07-17 08:21:28 -------- d-----w- C:\Users\Pc\AppData\Local\Steam
2016-07-17 08:21:28 -------- d-----w- C:\Users\Pc\AppData\Local\CEF
2016-07-17 08:20:02 -------- d-----w- C:\Program Files (x86)\Steam
2016-07-17 08:20:02 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2016-07-17 08:12:56 130880 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
2016-07-17 08:12:45 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2016-07-17 08:09:59 0 ----a-w- C:\Windows\ativpsrm.bin
2016-07-17 08:07:14 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2016-07-17 08:07:12 -------- d-----w- C:\Users\Pc\AppData\Local\AMD
2016-07-17 08:06:59 -------- d-----w- C:\Program Files (x86)\AMD
2016-07-17 08:06:17 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2016-07-17 08:04:40 -------- d-----w- C:\ProgramData\Package Cache
2016-07-17 08:04:26 -------- d-----w- C:\Users\Pc\AppData\Local\Razer
2016-07-17 08:03:21 -------- d-----w- C:\Users\Pc\AppData\Roaming\TS3Client
2016-07-17 08:03:08 -------- d-----w- C:\Program Files (x86)\VideoLAN
2016-07-17 08:02:53 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2016-07-17 07:59:03 -------- d-----w- C:\Program Files\AMD
2016-07-17 07:56:41 -------- d-----w- C:\AMD
2016-07-17 07:56:00 -------- d-sh--w- C:\Windows\Installer
2016-07-17 07:51:31 -------- d-----w- C:\Users\Pc\AppData\Local\Google
2016-07-17 07:50:39 -------- d-----w- C:\Users\Pc\AppData\Local\Apps
2016-07-17 07:50:38 -------- d-----w- C:\Users\Pc\AppData\Local\Deployment
2016-07-17 07:42:46 -------- d-----w- C:\1b9cc0824b2747d17d6731ef
2016-07-17 07:42:41 -------- d-----w- C:\Windows\Panther
2016-07-17 07:42:27 -------- d-sh--w- C:\Boot
2016-07-17 07:40:47 -------- d-----w- C:\Users\Pc\AppData\Local\VirtualStore
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Plocha
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Oblíbené položky
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Šablony
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Nabídka Start
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Dokumenty
2016-07-17 06:50:59 -------- d-sh--we C:\ProgramData\Data aplikací
2016-07-17 06:50:59 -------- d-sh--w- C:\Recovery
2016-07-08 19:37:02 141280 ----a-w- C:\Windows\System32\amdave64.dll
2016-07-08 19:37:00 122704 ----a-w- C:\Windows\SysWow64\amdave32.dll
2016-07-08 19:35:58 8865344 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2016-07-08 19:35:50 7000520 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2016-07-08 19:35:42 9798560 ----a-w- C:\Windows\System32\atiumd6a.dll
2016-07-08 19:35:38 8577456 ----a-w- C:\Windows\System32\atiumd64.dll
2016-07-08 19:33:10 305032 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2016-07-08 19:29:40 27004928 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2016-07-08 19:23:42 252928 ----a-w- C:\Windows\System32\clinfo.exe
2016-07-08 19:23:36 48616960 ----a-w- C:\Windows\System32\amdocl64.dll
2016-07-08 19:22:38 38099456 ----a-w- C:\Windows\SysWow64\amdocl.dll
2016-07-08 19:21:44 96256 ----a-w- C:\Windows\System32\OpenCL.dll
2016-07-08 19:21:44 87040 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2016-07-08 19:21:22 8815104 ----a-w- C:\Windows\System32\amdvlk64.dll
2016-07-08 19:19:58 27433472 ----a-w- C:\Windows\System32\amdocl12cl64.dll
2016-07-08 19:19:50 21600768 ----a-w- C:\Windows\SysWow64\amdocl12cl.dll
2016-07-08 19:17:04 7072768 ----a-w- C:\Windows\SysWow64\amdvlk32.dll
2016-07-08 19:03:50 30219776 ----a-w- C:\Windows\System32\atio6axx.dll
2016-07-08 19:02:40 732160 ----a-w- C:\Windows\System32\amdlvr64.dll
2016-07-08 19:02:26 607744 ----a-w- C:\Windows\SysWow64\amdlvr32.dll
2016-07-08 19:02:12 142336 ----a-w- C:\Windows\System32\mantle64.dll
2016-07-08 19:02:08 117760 ----a-w- C:\Windows\SysWow64\mantle32.dll
2016-07-08 19:02:02 6965248 ----a-w- C:\Windows\System32\amdmantle64.dll
2016-07-08 19:00:40 865280 ----a-w- C:\Windows\System32\coinst_16.20.dll
2016-07-08 18:58:56 385536 ----a-w- C:\Windows\System32\atiapfxx.exe
2016-07-08 18:58:50 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2016-07-08 18:58:48 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2016-07-08 18:58:40 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2016-07-08 18:58:38 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2016-07-08 18:58:26 15711744 ----a-w- C:\Windows\System32\aticaldd64.dll
2016-07-08 18:58:20 5643776 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2016-07-08 18:57:32 14302720 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2016-07-08 18:57:00 50688 ----a-w- C:\Windows\System32\amdmmcl6.dll
2016-07-08 18:57:00 38400 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2016-07-08 18:55:48 24836096 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2016-07-08 18:55:20 113152 ----a-w- C:\Windows\System32\mantleaxl64.dll
2016-07-08 18:55:18 92160 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2016-07-08 18:52:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2016-07-08 18:52:14 274432 ----a-w- C:\Windows\System32\dgtrayicon.exe
2016-07-08 18:52:08 258560 ----a-w- C:\Windows\System32\GameManager64.dll
2016-07-08 18:52:06 223744 ----a-w- C:\Windows\SysWow64\GameManager32.dll
2016-07-08 18:52:02 212480 ----a-w- C:\Windows\System32\atieah64.exe
2016-07-08 18:52:00 190464 ----a-w- C:\Windows\SysWow64\atieah32.exe
2016-07-08 18:51:56 230912 ----a-w- C:\Windows\System32\amdgfxinfo64.dll
2016-07-08 18:51:54 202752 ----a-w- C:\Windows\SysWow64\amdgfxinfo32.dll
2016-07-08 18:51:50 93696 ----a-w- C:\Windows\System32\atimuixx.dll
2016-07-08 18:51:46 588288 ----a-w- C:\Windows\System32\atieclxx.exe
2016-07-08 18:51:34 306688 ----a-w- C:\Windows\System32\atiesrxx.exe
2016-07-08 18:51:02 270336 ----a-w- C:\Windows\System32\atitmm64.dll
2016-07-08 18:47:30 1309184 ----a-w- C:\Windows\System32\atiadlxx.dll
2016-07-08 18:47:24 976384 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2016-07-08 18:47:24 976384 ----a-w- C:\Windows\SysWow64\atiadlxx.dll
2016-07-08 18:47:18 119808 ----a-w- C:\Windows\System32\atisamu64.dll
2016-07-08 18:47:16 101376 ----a-w- C:\Windows\SysWow64\atisamu32.dll
2016-07-08 18:47:14 106496 ----a-w- C:\Windows\System32\atig6pxx.dll
2016-07-08 18:47:12 91136 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2016-07-08 18:47:12 91136 ----a-w- C:\Windows\System32\atiglpxx.dll
2016-07-08 18:47:08 185344 ----a-w- C:\Windows\System32\atig6txx.dll
2016-07-08 18:47:06 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2016-07-08 18:47:02 159232 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2016-07-08 18:46:56 498176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2016-07-08 18:44:58 251392 ----a-w- C:\Windows\System32\hsa-thunk64.dll
2016-07-08 18:44:58 217088 ----a-w- C:\Windows\SysWow64\hsa-thunk.dll
.
==================== Find3M ====================
.
2016-06-06 08:27:50 15816 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
.
============= FINISH: 21:54:26,55 ===============

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 21:16
od Rudy
Chtěl jsem log MBAM: http://www.malwarebytes.org/mbam.php . Dal jste DDS.

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 21:18
od Kaabe
Žádný log mi to nehodilo :/
oprava hodilo

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.7.2016
Čas skenování: 21:44
Protokol: logg.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.07.25.09
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pc

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 279804
Uplynulý čas: 4 min, 3 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 21:27
od Kaabe
Ještě bych chtěl dodat , že teda jsem tím Malwarem projel pc znova a žádné infikované soubory mi to nehodilo tak mi to nějak nedalo zapnu eset online a po 40% 79 virů . Což jsem tak nějak čekal když jsem vložil na pc ty flešky v externím disku nic nebylo .

Re: Problém s virem Kryptik.EK

Napsal: 25 črc 2016 21:39
od Rudy
OK. Tak to proskenujte a vše nalezené smažte.

Re: Problém s virem Kryptik.EK

Napsal: 27 črc 2016 13:43
od Kaabe
Zdravím, omlouvám se, ale nebyl jsem na pc. Od té doby co jsem projel pc a vyčistil flash disky tak jsem bez viru a internet šlape tak jak má. Nevěděl jsem akorát co s těmi flash disky USBFIX mi pomohl ještě uklidím CCleanerem a snad bude klid :) Děkuji za pomoct a zase "někdy" na viděnou :D :thumbsup: :thumbsup:

Re: Problém s virem Kryptik.EK

Napsal: 27 črc 2016 17:45
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz