VIRY.CZ

Dobrý den, bohužel se obávám, že jsem při stahování z torrentu natáhl i havěť. Docházelo k 100% vytížení procesoru a zamrzání. Děkuji za pomoc. Logy v příloze

A ještě log po zapnutí Malwarebytes ADW Cleaner
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-04-2018
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 41852
# Detected: 1

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

PUP.Optional.Legacy suggestqueries.google.com

AdwCleaner[S00].txt - [2268 octets] - [27/07/2018 15:58:28]
AdwCleaner[C00].txt - [2156 octets] - [27/07/2018 15:59:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Ahoj

V AdwCleaneri je potrebne este kliknut na Clean / Cistenie.

Teď by to mělo být dokonáno.
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-04-2018
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 1

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2268 octets] - [27/07/2018 15:58:28]
AdwCleaner[C00].txt - [2156 octets] - [27/07/2018 15:59:33]
AdwCleaner[S01].txt - [1397 octets] - [04/09/2018 16:14:35]
AdwCleaner[C01].txt - [1563 octets] - [04/09/2018 16:15:41]
AdwCleaner[S02].txt - [1519 octets] - [04/09/2018 16:48:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\uzivatel1\AppData\Roaming\Java\x86-64bits Windows\Config-DefaultMain\SysUtils SDK v2.49\svhcost.exe
File: C:\Users\uzivatel1\AppData\Local\Suuntolink\app-2.22.0\resources\app\LaunchAgents\SuuntolinkLauncher.exe
File: C:\Users\uzivatel1\AppData\Roaming\Tristofan.exe
File: C:\Users\uzivatel1\AppData\Local\MSGBOX.EXE
Folder: C:\Users\uzivatel1\AppData\Roaming\Java
CMD: type "C:\WINDOWS\system32\Install.vbs"
CMD: type "C:\Windows\system32\Maintenance.vbs"
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C383F99E-607E-47A1-A1A3-16C92BC885AC}

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2378821171-2048514694-1301835214-1001\...\Run: [Java x86 applicate] => C:\Users\uzivatel1\AppData\Roaming\Java\x86-64bits Windows\Config-DefaultMain\SysUtils SDK v2.49\svhcost.exe <==== ATTENTION
2018-09-02 11:17 - 2018-07-07 15:21 - 005111808 _____ C:\WINDOWS\system32\ServiceInstaller.exe
2018-09-02 11:17 - 2018-07-01 13:15 - 000054272 _____ C:\WINDOWS\system32\ServiceInstaller.msi
2018-09-02 11:17 - 2018-07-01 13:10 - 000053760 _____ C:\WINDOWS\system32\Installer.msi
2018-09-02 11:17 - 2018-06-03 20:03 - 000000997 _____ C:\WINDOWS\system32\Maintenance.vbs
2018-09-02 11:17 - 2018-05-07 11:33 - 000000392 _____ C:\WINDOWS\system32\StartupCheck.vbs
2018-09-02 11:17 - 2018-04-29 17:27 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2018-09-02 11:17 - 2018-01-29 01:09 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2018-09-02 11:17 - 2018-01-28 01:58 - 000000351 _____ C:\WINDOWS\system32\Install.vbs
2018-07-28 09:56 - 2018-07-28 19:03 - 000029696 _____ () C:\Users\uzivatel1\AppData\Local\MSGBOX.EXE
C:\Users\uzivatel1\AppData\Roaming\Java
Task: {FB80CFA3-7F66-4D11-9C9F-F0DB0BE7C380} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => C:\Windows\system32\Maintenance.vbs [2018-06-03] ()
AlternateDataStreams: C:\Users\uzivatel1:Heroes & Generals [38]
IE trusted site: HKU\S-1-5-21-2378821171-2048514694-1301835214-1001\...\sharepoint.com -> hxxps://365osu-files.sharepoint.com

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

VIRY.CZ

Havěť v PC

Havěť v PC

Re: Havěť v PC

Re: Havěť v PC

Re: Havěť v PC

Re: Havěť v PC