Právě je 23 zář 2019 19:49

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 17 ]  Přejít na stránku 1, 2  Další
Autor Zpráva
 Předmět příspěvku: kontrola logu
PříspěvekNapsal: 23 kvě 2019 18:13 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
Dobrý den,
známý mi nechal notebook, abych mu ho odvirovala.
Počítač byl neskutečně zasekaný, nebylo skoro možné na něm nic udělat.
Použila jsem Adwcleaner a 220 virů odstranila. Počítač se chová trochu lépe, ale stále se seká.

Prosím o kontrolu logu.

Děkuji za pomoc


Přílohy:
FRST.zip [19.49 KiB]
16 krát
Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 23 kvě 2019 18:53 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 23 kvě 2019 19:51 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
psala, že toto už proběhlo. posílám tedy nynější i předchozí

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [25537 octets] - [23/05/2019 18:19:04]
AdwCleaner[C00].txt - [21754 octets] - [23/05/2019 18:22:19]
AdwCleaner[S01].txt - [1374 octets] - [23/05/2019 20:38:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########







# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2019
# Duration: 00:01:29
# OS: Windows 10 Home
# Cleaned: 220
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Partner
Deleted C:\Users\Guest\AppData\LocalLow\AskToolbar
Deleted C:\ProgramData\AskPartnerNetwork
Deleted C:\Program Files (x86)\AskPartnerNetwork
Deleted C:\Users\Guest\AppData\Local\AskPartnerNetwork
Deleted C:\Users\Standa\AppData\Local\AskPartnerNetwork
Deleted C:\ProgramData\IBUpdaterService
Deleted C:\Program Files (x86)\Inbox Toolbar
Deleted C:\Program Files (x86)\VNT
Deleted C:\Users\Guest\AppData\Local\VNT
Deleted C:\Users\Standa\AppData\Local\VNT
Deleted C:\Users\Standa\AppData\Roaming\SpeedAnalysis3
Deleted C:\Program Files (x86)\Speed Analysis 3
Deleted C:\Users\Standa\AppData\Roaming\7go
Deleted C:\Program Files (x86)\7Go Games
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Deleted C:\Program Files (x86)\SiteRanker
Deleted C:\Users\Guest\AppData\LocalLow\SiteRanker
Deleted C:\Users\saras\AppData\LocalLow\SiteRanker
Deleted C:\Users\Standa\AppData\LocalLow\SiteRanker
Deleted C:\Program Files (x86)\PC Performer
Deleted C:\Users\saras\AppData\Roaming\Performersoft
Deleted C:\Users\Standa\AppData\Roaming\Performersoft
Deleted C:\ProgramData\apn
Deleted C:\Users\Standa\AppData\Local\apn

***** [ Files ] *****

Deleted C:\Users\Standa\AppData\Roaming\speedanalysis.ico
Deleted C:\Windows\System32\roboot64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\PC Performer_DEFAULT.job
Deleted C:\Windows\System32\Tasks\PC Performer_DEFAULT
Deleted C:\Windows\Tasks\PC Performer_UPDATES.job
Deleted C:\Windows\System32\Tasks\PC Performer_UPDATES
Deleted C:\Windows\System32\Tasks\PC Performer

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\24x7HELP
Deleted HKU\.DEFAULT\Software\24x7HELP
Deleted HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted HKCU\Software\AskPartnerNetwork
Deleted HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted HKLM\Software\Wow6432Node\AskPartnerNetwork
Deleted HKLM\Software\AskPartnerNetwork
Deleted HKCU\Software\PERFORMERSOFT
Deleted HKLM\Software\Wow6432Node\PERFORMERSOFT
Deleted HKCU\Software\filescout
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SiteRanker
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|SiteRanker
Deleted HKU\S-1-5-18\Software\VNT
Deleted HKCU\Software\VNT
Deleted HKU\.DEFAULT\Software\VNT
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2206289839-3769606496-711628206-1000\Software\Speed Analysis 3
Deleted HKCU\Software\SiteRanker
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost64.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost64.exe
Deleted HKLM\Software\Wow6432Node\Classes\AppID\ScriptHost.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\ButtonSite.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AddonsFramework.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Deleted HKLM\Software\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Deleted HKLM\Software\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Deleted HKLM\Software\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted HKLM\Software\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Deleted HKLM\Software\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Deleted HKLM\Software\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Deleted HKLM\Software\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Deleted HKLM\Software\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Deleted HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Deleted HKLM\Software\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Deleted HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Deleted HKLM\Software\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Deleted HKLM\Software\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Deleted HKLM\Software\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Deleted HKLM\Software\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Deleted HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Deleted HKLM\Software\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Deleted HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Deleted HKLM\Software\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Deleted HKLM\Software\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Deleted HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Deleted HKLM\Software\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Deleted HKLM\Software\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Deleted HKLM\Software\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Deleted HKLM\Software\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Deleted HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Deleted HKLM\Software\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Deleted HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Deleted HKLM\Software\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Deleted HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Deleted HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Deleted HKLM\Software\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Deleted HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Deleted HKLM\Software\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Deleted HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Deleted HKLM\Software\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BC32944D-F31E-46B0-B4D6-375B7395F1DA}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73D8D75D-121A-4169-9ACC-75F1B0B28336}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73D8D75D-121A-4169-9ACC-75F1B0B28336}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F268C4C8-1404-49B3-85B1-920E06146ADC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F268C4C8-1404-49B3-85B1-920E06146ADC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A636BD21-7D51-4CBB-9ADD-7F50AE431453}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer

***** [ Chromium (and derivatives) ] *****

Deleted gjajpkikblccgefaibcafkfbanllpefi
Deleted nkjddnjnldjjnbjahcinkhkchijbjcmn
Deleted mbmpjbkgemhgalmeiigcdljkccfcafoj

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [25537 octets] - [23/05/2019 18:19:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 23 kvě 2019 20:06 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
OK. Dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 23 kvě 2019 20:16 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
posílám v příloze


Přílohy:
FRST (2).zip [19.41 KiB]
16 krát
Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 23 kvě 2019 21:06 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2206289839-3769606496-711628206-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16BE7DCD-E484-48E3-A589-F362D435110D} - System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{D0956C11-0F60-43FE-99AD-524E833471BB}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {1DB2A3AE-C3D1-48E8-96C5-714109DE553C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29A89918-1BEE-42E0-BB86-04D209792208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29C086B1-2303-47A3-A41E-FE037D585F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {2BEF8533-4977-4D91-97F5-24D7627FBCB1} - System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826} => C:\windows\system32\pcalua.exe -a C:\Users\Standa\Downloads\IN1CHP36WW5.exe -d C:\Users\Standa\Download
Task: {469FAC2D-85C0-4DF5-B767-EA5EFA3998AB} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4FDB25C3-4769-4993-8918-E5FE6BEA9655} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {532CEB31-7037-48CF-8D4E-4F054C14192F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {55890D9A-0ADF-4C57-87C5-E4C965939250} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {73F3A9A7-639C-4965-92BE-2A5B9124172A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8AC7ACB6-E108-413E-AC86-F37DCA80FCFA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9B2D6FA2-4074-45B5-84C0-3F9B956944EE} - System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {D05BB781-0332-412E-B4AA-3815BE859124} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5C1A365-47A3-4062-9517-DB76E6801D7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E7F97ADD-6348-4525-9E8B-69614718E3B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE6C68-D156-49F1-A266-0A22D75E409A} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {F0318D16-D766-4880-863A-7F3492B3BDDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FADDF71C-588F-4574-B107-8ED7184C8F17} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FB07D9F2-B63A-4F1E-A2B1-6745941B73B3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-2206289839-3769606496-711628206-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?tpid=ATU4 ... =&crxv=&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [nkjddnjnldjjnbjahcinkhkchijbjcmn] - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU4-V7C\CRX\ToolbarCR.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}
C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}
C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End


Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 24 kvě 2019 14:20 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
Po restartu se začali v levé dolní obrazovce objevovat oznámení z google chrome. Myslím, že to může být důvod sekání.


Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Standa (24-05-2019 14:56:03) Run:1
Running from C:\Users\Standa\Desktop
Loaded Profiles: Standa (Available Profiles: Standa & saras & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2206289839-3769606496-711628206-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16BE7DCD-E484-48E3-A589-F362D435110D} - System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{D0956C11-0F60-43FE-99AD-524E833471BB}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {1DB2A3AE-C3D1-48E8-96C5-714109DE553C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29A89918-1BEE-42E0-BB86-04D209792208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29C086B1-2303-47A3-A41E-FE037D585F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {2BEF8533-4977-4D91-97F5-24D7627FBCB1} - System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826} => C:\windows\system32\pcalua.exe -a C:\Users\Standa\Downloads\IN1CHP36WW5.exe -d C:\Users\Standa\Download
Task: {469FAC2D-85C0-4DF5-B767-EA5EFA3998AB} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4FDB25C3-4769-4993-8918-E5FE6BEA9655} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {532CEB31-7037-48CF-8D4E-4F054C14192F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {55890D9A-0ADF-4C57-87C5-E4C965939250} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {73F3A9A7-639C-4965-92BE-2A5B9124172A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8AC7ACB6-E108-413E-AC86-F37DCA80FCFA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9B2D6FA2-4074-45B5-84C0-3F9B956944EE} - System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {D05BB781-0332-412E-B4AA-3815BE859124} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5C1A365-47A3-4062-9517-DB76E6801D7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E7F97ADD-6348-4525-9E8B-69614718E3B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE6C68-D156-49F1-A266-0A22D75E409A} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {F0318D16-D766-4880-863A-7F3492B3BDDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FADDF71C-588F-4574-B107-8ED7184C8F17} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FB07D9F2-B63A-4F1E-A2B1-6745941B73B3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-2206289839-3769606496-711628206-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?tpid=ATU4 ... =&crxv=&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [nkjddnjnldjjnbjahcinkhkchijbjcmn] - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU4-V7C\CRX\ToolbarCR.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}
C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}
C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKU\S-1-5-21-2206289839-3769606496-711628206-1000\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16BE7DCD-E484-48E3-A589-F362D435110D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16BE7DCD-E484-48E3-A589-F362D435110D}" => removed successfully
C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DB2A3AE-C3D1-48E8-96C5-714109DE553C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DB2A3AE-C3D1-48E8-96C5-714109DE553C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29A89918-1BEE-42E0-BB86-04D209792208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29A89918-1BEE-42E0-BB86-04D209792208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29C086B1-2303-47A3-A41E-FE037D585F40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C086B1-2303-47A3-A41E-FE037D585F40}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BEF8533-4977-4D91-97F5-24D7627FBCB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BEF8533-4977-4D91-97F5-24D7627FBCB1}" => removed successfully
C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{469FAC2D-85C0-4DF5-B767-EA5EFA3998AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{469FAC2D-85C0-4DF5-B767-EA5EFA3998AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FDB25C3-4769-4993-8918-E5FE6BEA9655}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FDB25C3-4769-4993-8918-E5FE6BEA9655}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{532CEB31-7037-48CF-8D4E-4F054C14192F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532CEB31-7037-48CF-8D4E-4F054C14192F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55890D9A-0ADF-4C57-87C5-E4C965939250}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55890D9A-0ADF-4C57-87C5-E4C965939250}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73F3A9A7-639C-4965-92BE-2A5B9124172A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73F3A9A7-639C-4965-92BE-2A5B9124172A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8AC7ACB6-E108-413E-AC86-F37DCA80FCFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AC7ACB6-E108-413E-AC86-F37DCA80FCFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B2D6FA2-4074-45B5-84C0-3F9B956944EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B2D6FA2-4074-45B5-84C0-3F9B956944EE}" => removed successfully
C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D05BB781-0332-412E-B4AA-3815BE859124}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D05BB781-0332-412E-B4AA-3815BE859124}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5C1A365-47A3-4062-9517-DB76E6801D7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5C1A365-47A3-4062-9517-DB76E6801D7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E7F97ADD-6348-4525-9E8B-69614718E3B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7F97ADD-6348-4525-9E8B-69614718E3B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEAE6C68-D156-49F1-A266-0A22D75E409A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEAE6C68-D156-49F1-A266-0A22D75E409A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0318D16-D766-4880-863A-7F3492B3BDDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0318D16-D766-4880-863A-7F3492B3BDDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FADDF71C-588F-4574-B107-8ED7184C8F17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FADDF71C-588F-4574-B107-8ED7184C8F17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB07D9F2-B63A-4F1E-A2B1-6745941B73B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB07D9F2-B63A-4F1E-A2B1-6745941B73B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41545534-2D56-3743-00A7-7A786E7484D7}" => removed successfully
HKLM\Software\Classes\CLSID\{41545534-2D56-3743-00A7-7A786E7484D7} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41545534-2D56-3743-00A7-7A786E7484D7}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{41545534-2D56-3743-00A7-7A786E7484D7} => not found
"HKU\S-1-5-21-2206289839-3769606496-711628206-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Chrome DefaultSearchURL" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}" => not found
"C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}" => not found
"C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 155240427 B
Java, Flash, Steam htmlcache => 1345 B
Windows/system/drivers => 167900 B
Edge => 2877989 B
Chrome => 425310172 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 35660 B
LocalService => 0 B
NetworkService => 80908 B
NetworkService => 0 B
Standa => 92027638 B
saras => 30217081 B
Guest => 598115 B
DefaultAppPool => 6656 B

RecycleBin => 7392910 B
EmptyTemp: => 690.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:58:33 ====


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 24 kvě 2019 14:28 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
Smazáno. Nastala nějaká změna?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 24 kvě 2019 14:31 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
Po restartu se začali v levé dolní obrazovce objevovat oznámení z google chrome. Myslím, že to může být důvod sekání.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 24 kvě 2019 15:58 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
OK, vyčistíme prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize





Citace:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;







Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 26 kvě 2019 07:08 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
Bud č. 1 se mi nepovedl.
3h tam byl bod "ask for reboot" a jelikož bylo ve startu v nabídce pouze aktualizovat a restartovat, myslela jsem že z důvodu aktualizace to nejde. Restartovala jsem to tedy ručně a od té doby po spuštění se zobrazuje toto okno.
Příloha:
Výstřižek.PNG
Výstřižek.PNG [ 3.93 KiB | Zobrazeno 415 krát ]


Nevím zda je log někde na C uložen?
A zda pokračovat v bodu 2 nebo ten první nějak opakovat?


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 26 kvě 2019 10:07 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
Zkuste ty utility spustit v nouz. režimu.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 26 kvě 2019 11:37 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\saras\AppData\Local\AVAST Software\APM\kv_pam.db" not found
"C:\Users\saras\AppData\Local\AVAST Software\APM\sarasFfl2.dat" not found
"C:\Users\saras\AppData\Local\AVAST Software\APM\saras\kv_pam.db" not found
"C:\Users\Standa\AppData\Local\AVAST Software\APM\Standa\kv_pam.db" not found
"C:\Users\saras\AppData\Local\AVAST Software" not found
"C:\Users\Standa\AppData\Local\AVAST Software" not found
"C:\Users\Standa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" deleted
"C:\Users\Standa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found

==== EOF on ne 26.05.2019 at 12:13:51,46 ======================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Standa (Administrator) on ne 26.05.2019 at 12:21:40,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\Standa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gjajpkikblccgefaibcafkfbanllpefi (Folder)
Successfully deleted: C:\Users\Standa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mbmpjbkgemhgalmeiigcdljkccfcafoj (Folder)
Successfully deleted: C:\WINDOWS\s.bat (File)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7BAEBED8-A3DE-45FF-8B2F-5622535AB215} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 26.05.2019 at 12:28:13,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 26 kvě 2019 13:32 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109486
Bydliště: Plzeň
OK. Změnilo se něco nyní?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
 Předmět příspěvku: Re: kontrola logu
PříspěvekNapsal: 26 kvě 2019 14:05 
Offline
Návštěvník
Návštěvník

Registrován: 09 bře 2019 07:54
Příspěvky: 15
reklamy se již nezobrazují. Chvíli po startu běžel disk na 100 % (ve správci úloh), ale koukám že po nějaké době to kleslo.


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 17 ]  Přejít na stránku 1, 2  Další

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?