VIRY.CZ

Na mém pc už mám 3 den toto: http://www.30tab.com/en.htm zobrazuje se mi to po rozkliknutí prohlížeče,není to v rozšířeních,a to samé platí o Exploreru i Firefoxu...jak odinstaluju restartuju pc nainstaluji znovu google mam to tam opět....zkoušel jsem x antivirů,anti malware a já nevím co ale bez úspěchu...dokážete někdo poradit?

Zdravím!
Pokud jste si to do prohlížeče nevložil sám, jedna se o tzv. únos. Prohlížeče vyčistíte postupným spuštěním těchto utilit:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2 Junkware removal tool: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by Fucking Machine on ne 10.12.2017 at 12:06:52,38.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Fucking Machine\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10.12.2017 12:07:43 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-652991406-2842333732-553147408-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{82A76710-4F98-4957-92BE-99648A4E2475} deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\FUCKIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\au4wpnx6.default\prefs.js:

Added to C:\Users\FUCKIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\au4wpnx6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\FUCKIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\au4wpnx6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fucking Machine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Fucking Machine\AppData\Local\Mozilla\Firefox\Profiles\au4wpnx6.default\cache2 emptied successfully
C:\Users\Fucking Machine\AppData\Roaming\Mozilla\Firefox\Profiles\au4wpnx6.default\storage\default\https+++www.youtube.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Fucking Machine\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\FUCKIN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Fucking Machine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Fucking Machine\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on ne 10.12.2017 at 12:09:18,63 ======================

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64
Ran by Fucking Machine (Administrator) on ne 10.12.2017 at 12:14:48,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9

Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Fucking Machine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2286Z1VW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Fucking Machine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3M6QC40Q (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Fucking Machine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GBOCARR4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Fucking Machine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US4WJ463 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2286Z1VW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3M6QC40Q (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GBOCARR4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US4WJ463 (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10.12.2017 at 12:16:20,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bohužel i po tomto se stále zobrazuje.....

OK. Problém zmizel?

Bohužel ne---i přesto,že se pc restartuje pořád útok trvá....ta stránka nechce zmizet,neni dostupna pritom ani v nastaveni...

FF zazálohujte pomocí MozBackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ . Pak FF kompletně odinstalujte vč. jeho profilu (podadresáře Mozilla v c:\users\Fucking Machine\appdata\local, c:\users\Fucking Machine\appdata\roaming, c:\users\Fucking Machine\data aplikací, c:\users\Fucking Machine\local settings a v c:\program data musí být smazány). Potom udělejte novou, čistou instalaci FF a zpět ze zálohy nakopírujte pouze hesla a záložky.

nejde....i když toto udělám,pořád ho mám zaseklej v googlu,už jsem zkoušel odinstalovat google,restart znovu nainstalovat a po pár klikách je tamta stránka zase ukotvená....

S google můžete zkusit totéž, co s FF, jen na zálohu použijete ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ a smažete podadresáře Chrome na stejných místech. Postup je stejný.