Log check

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Log check

#1 Post by Trejsi91 »

Hello,
an acquaintance left me his notebook so that I could clean it of viruses.
The computer was incredibly sluggish; it was almost impossible to do anything on it.
I used AdwCleaner and removed 220 viruses. The computer behaves a little better, but it still lags.

Please check the log.

Thank you for your help
Attachments
FRST.zip
(19.49 KiB) Downloaded 66 times

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: Log check

#3 Post by Trejsi91 »

I wrote that this had already been done. So I am sending both the current log and the previous one.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [25537 octets] - [23/05/2019 18:19:04]
AdwCleaner[C00].txt - [21754 octets] - [23/05/2019 18:22:19]
AdwCleaner[S01].txt - [1374 octets] - [23/05/2019 20:38:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########







# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2019
# Duration: 00:01:29
# OS: Windows 10 Home
# Cleaned: 220
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Partner
Deleted C:\Users\Guest\AppData\LocalLow\AskToolbar
Deleted C:\ProgramData\AskPartnerNetwork
Deleted C:\Program Files (x86)\AskPartnerNetwork
Deleted C:\Users\Guest\AppData\Local\AskPartnerNetwork
Deleted C:\Users\Standa\AppData\Local\AskPartnerNetwork
Deleted C:\ProgramData\IBUpdaterService
Deleted C:\Program Files (x86)\Inbox Toolbar
Deleted C:\Program Files (x86)\VNT
Deleted C:\Users\Guest\AppData\Local\VNT
Deleted C:\Users\Standa\AppData\Local\VNT
Deleted C:\Users\Standa\AppData\Roaming\SpeedAnalysis3
Deleted C:\Program Files (x86)\Speed Analysis 3
Deleted C:\Users\Standa\AppData\Roaming\7go
Deleted C:\Program Files (x86)\7Go Games
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Deleted C:\Program Files (x86)\SiteRanker
Deleted C:\Users\Guest\AppData\LocalLow\SiteRanker
Deleted C:\Users\saras\AppData\LocalLow\SiteRanker
Deleted C:\Users\Standa\AppData\LocalLow\SiteRanker
Deleted C:\Program Files (x86)\PC Performer
Deleted C:\Users\saras\AppData\Roaming\Performersoft
Deleted C:\Users\Standa\AppData\Roaming\Performersoft
Deleted C:\ProgramData\apn
Deleted C:\Users\Standa\AppData\Local\apn

***** [ Files ] *****

Deleted C:\Users\Standa\AppData\Roaming\speedanalysis.ico
Deleted C:\Windows\System32\roboot64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\PC Performer_DEFAULT.job
Deleted C:\Windows\System32\Tasks\PC Performer_DEFAULT
Deleted C:\Windows\Tasks\PC Performer_UPDATES.job
Deleted C:\Windows\System32\Tasks\PC Performer_UPDATES
Deleted C:\Windows\System32\Tasks\PC Performer

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\24x7HELP
Deleted HKU\.DEFAULT\Software\24x7HELP
Deleted HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted HKCU\Software\AskPartnerNetwork
Deleted HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted HKLM\Software\Wow6432Node\AskPartnerNetwork
Deleted HKLM\Software\AskPartnerNetwork
Deleted HKCU\Software\PERFORMERSOFT
Deleted HKLM\Software\Wow6432Node\PERFORMERSOFT
Deleted HKCU\Software\filescout
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SiteRanker
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|SiteRanker
Deleted HKU\S-1-5-18\Software\VNT
Deleted HKCU\Software\VNT
Deleted HKU\.DEFAULT\Software\VNT
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2206289839-3769606496-711628206-1000\Software\Speed Analysis 3
Deleted HKCU\Software\SiteRanker
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost64.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost64.exe
Deleted HKLM\Software\Wow6432Node\Classes\AppID\ScriptHost.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\ButtonSite.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AddonsFramework.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Deleted HKLM\Software\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Deleted HKLM\Software\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Deleted HKLM\Software\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted HKLM\Software\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Deleted HKLM\Software\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Deleted HKLM\Software\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Deleted HKLM\Software\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Deleted HKLM\Software\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Deleted HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Deleted HKLM\Software\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Deleted HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Deleted HKLM\Software\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Deleted HKLM\Software\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Deleted HKLM\Software\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Deleted HKLM\Software\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Deleted HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Deleted HKLM\Software\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Deleted HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Deleted HKLM\Software\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Deleted HKLM\Software\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Deleted HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Deleted HKLM\Software\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Deleted HKLM\Software\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Deleted HKLM\Software\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Deleted HKLM\Software\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Deleted HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Deleted HKLM\Software\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Deleted HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Deleted HKLM\Software\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Deleted HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Deleted HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Deleted HKLM\Software\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Deleted HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Deleted HKLM\Software\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Deleted HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Deleted HKLM\Software\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BC32944D-F31E-46B0-B4D6-375B7395F1DA}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73D8D75D-121A-4169-9ACC-75F1B0B28336}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73D8D75D-121A-4169-9ACC-75F1B0B28336}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F268C4C8-1404-49B3-85B1-920E06146ADC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F268C4C8-1404-49B3-85B1-920E06146ADC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A636BD21-7D51-4CBB-9ADD-7F50AE431453}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer

***** [ Chromium (and derivatives) ] *****

Deleted gjajpkikblccgefaibcafkfbanllpefi
Deleted nkjddnjnldjjnbjahcinkhkchijbjcmn
Deleted mbmpjbkgemhgalmeiigcdljkccfcafoj

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [25537 octets] - [23/05/2019 18:19:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: Log check

#5 Post by Trejsi91 »

Sending it in the attachment.
Attachments
FRST (2).zip
(19.41 KiB) Downloaded 72 times

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2206289839-3769606496-711628206-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16BE7DCD-E484-48E3-A589-F362D435110D} - System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{D0956C11-0F60-43FE-99AD-524E833471BB}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {1DB2A3AE-C3D1-48E8-96C5-714109DE553C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29A89918-1BEE-42E0-BB86-04D209792208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29C086B1-2303-47A3-A41E-FE037D585F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {2BEF8533-4977-4D91-97F5-24D7627FBCB1} - System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826} => C:\windows\system32\pcalua.exe -a C:\Users\Standa\Downloads\IN1CHP36WW5.exe -d C:\Users\Standa\Download
Task: {469FAC2D-85C0-4DF5-B767-EA5EFA3998AB} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4FDB25C3-4769-4993-8918-E5FE6BEA9655} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {532CEB31-7037-48CF-8D4E-4F054C14192F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {55890D9A-0ADF-4C57-87C5-E4C965939250} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {73F3A9A7-639C-4965-92BE-2A5B9124172A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8AC7ACB6-E108-413E-AC86-F37DCA80FCFA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9B2D6FA2-4074-45B5-84C0-3F9B956944EE} - System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {D05BB781-0332-412E-B4AA-3815BE859124} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5C1A365-47A3-4062-9517-DB76E6801D7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E7F97ADD-6348-4525-9E8B-69614718E3B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE6C68-D156-49F1-A266-0A22D75E409A} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {F0318D16-D766-4880-863A-7F3492B3BDDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FADDF71C-588F-4574-B107-8ED7184C8F17} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FB07D9F2-B63A-4F1E-A2B1-6745941B73B3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-2206289839-3769606496-711628206-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?tpid=ATU4-V7C&o= ... earchTerms}
CHR HKLM\...\Chrome\Extension: [nkjddnjnldjjnbjahcinkhkchijbjcmn] - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU4-V7C\CRX\ToolbarCR.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}
C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}
C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: Log check

#7 Post by Trejsi91 »

After the restart, notifications from Google Chrome started appearing in the lower-left corner of the screen. I think that may be the reason for the lagging.


Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Standa (24-05-2019 14:56:03) Run:1
Running from C:\Users\Standa\Desktop
Loaded Profiles: Standa (Available Profiles: Standa & saras & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2206289839-3769606496-711628206-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16BE7DCD-E484-48E3-A589-F362D435110D} - System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{D0956C11-0F60-43FE-99AD-524E833471BB}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {1DB2A3AE-C3D1-48E8-96C5-714109DE553C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29A89918-1BEE-42E0-BB86-04D209792208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29C086B1-2303-47A3-A41E-FE037D585F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {2BEF8533-4977-4D91-97F5-24D7627FBCB1} - System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826} => C:\windows\system32\pcalua.exe -a C:\Users\Standa\Downloads\IN1CHP36WW5.exe -d C:\Users\Standa\Download
Task: {469FAC2D-85C0-4DF5-B767-EA5EFA3998AB} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4FDB25C3-4769-4993-8918-E5FE6BEA9655} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {532CEB31-7037-48CF-8D4E-4F054C14192F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {55890D9A-0ADF-4C57-87C5-E4C965939250} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {73F3A9A7-639C-4965-92BE-2A5B9124172A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8AC7ACB6-E108-413E-AC86-F37DCA80FCFA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9B2D6FA2-4074-45B5-84C0-3F9B956944EE} - System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {D05BB781-0332-412E-B4AA-3815BE859124} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5C1A365-47A3-4062-9517-DB76E6801D7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E7F97ADD-6348-4525-9E8B-69614718E3B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE6C68-D156-49F1-A266-0A22D75E409A} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {F0318D16-D766-4880-863A-7F3492B3BDDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FADDF71C-588F-4574-B107-8ED7184C8F17} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FB07D9F2-B63A-4F1E-A2B1-6745941B73B3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {41545534-2D56-3743-00A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-2206289839-3769606496-711628206-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?tpid=ATU4 ... =&crxv=&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [nkjddnjnldjjnbjahcinkhkchijbjcmn] - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU4-V7C\CRX\ToolbarCR.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}
C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}
C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKU\S-1-5-21-2206289839-3769606496-711628206-1000\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16BE7DCD-E484-48E3-A589-F362D435110D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16BE7DCD-E484-48E3-A589-F362D435110D}" => removed successfully
C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DB2A3AE-C3D1-48E8-96C5-714109DE553C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DB2A3AE-C3D1-48E8-96C5-714109DE553C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21B779EB-B1C1-4F84-97FB-2EDA7EAF78D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29A89918-1BEE-42E0-BB86-04D209792208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29A89918-1BEE-42E0-BB86-04D209792208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29C086B1-2303-47A3-A41E-FE037D585F40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C086B1-2303-47A3-A41E-FE037D585F40}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BEF8533-4977-4D91-97F5-24D7627FBCB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BEF8533-4977-4D91-97F5-24D7627FBCB1}" => removed successfully
C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{469FAC2D-85C0-4DF5-B767-EA5EFA3998AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{469FAC2D-85C0-4DF5-B767-EA5EFA3998AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FDB25C3-4769-4993-8918-E5FE6BEA9655}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FDB25C3-4769-4993-8918-E5FE6BEA9655}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{532CEB31-7037-48CF-8D4E-4F054C14192F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532CEB31-7037-48CF-8D4E-4F054C14192F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55890D9A-0ADF-4C57-87C5-E4C965939250}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55890D9A-0ADF-4C57-87C5-E4C965939250}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C9F0ACF-4AC4-41CE-81BC-5ED53D711A31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73F3A9A7-639C-4965-92BE-2A5B9124172A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73F3A9A7-639C-4965-92BE-2A5B9124172A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{823A6B4B-7F7C-4EB1-8CAD-7755AA4BEF30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8AC7ACB6-E108-413E-AC86-F37DCA80FCFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AC7ACB6-E108-413E-AC86-F37DCA80FCFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B2D6FA2-4074-45B5-84C0-3F9B956944EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B2D6FA2-4074-45B5-84C0-3F9B956944EE}" => removed successfully
C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48C3BBC-6AC0-473B-9AB3-8F1E26C6E162}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D05BB781-0332-412E-B4AA-3815BE859124}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D05BB781-0332-412E-B4AA-3815BE859124}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5C1A365-47A3-4062-9517-DB76E6801D7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5C1A365-47A3-4062-9517-DB76E6801D7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E7F97ADD-6348-4525-9E8B-69614718E3B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7F97ADD-6348-4525-9E8B-69614718E3B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEAE6C68-D156-49F1-A266-0A22D75E409A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEAE6C68-D156-49F1-A266-0A22D75E409A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0318D16-D766-4880-863A-7F3492B3BDDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0318D16-D766-4880-863A-7F3492B3BDDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FADDF71C-588F-4574-B107-8ED7184C8F17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FADDF71C-588F-4574-B107-8ED7184C8F17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB07D9F2-B63A-4F1E-A2B1-6745941B73B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB07D9F2-B63A-4F1E-A2B1-6745941B73B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41545534-2D56-3743-00A7-7A786E7484D7}" => removed successfully
HKLM\Software\Classes\CLSID\{41545534-2D56-3743-00A7-7A786E7484D7} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41545534-2D56-3743-00A7-7A786E7484D7}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{41545534-2D56-3743-00A7-7A786E7484D7} => not found
"HKU\S-1-5-21-2206289839-3769606496-711628206-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Chrome DefaultSearchURL" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\System32\Tasks\{CE7B2CA1-CA9A-4BD8-B3C2-152D8C82C901}" => not found
"C:\WINDOWS\System32\Tasks\{63BE2D33-7254-4549-B4ED-AA96DF7FFB0E}" => not found
"C:\WINDOWS\System32\Tasks\{989DF8B8-8E6B-4C6F-BAC7-16816A4C8826}" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 155240427 B
Java, Flash, Steam htmlcache => 1345 B
Windows/system/drivers => 167900 B
Edge => 2877989 B
Chrome => 425310172 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 35660 B
LocalService => 0 B
NetworkService => 80908 B
NetworkService => 0 B
Standa => 92027638 B
saras => 30217081 B
Guest => 598115 B
DefaultAppPool => 6656 B

RecycleBin => 7392910 B
EmptyTemp: => 690.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:58:33 ====

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#8 Post by Rudy »

Deleted. Has anything changed?

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: log check

#9 Post by Trejsi91 »

After the restart, notifications from Google Chrome started appearing in the lower left of the screen. I think that may be the cause of the freezing.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#10 Post by Rudy »

OK, let's clean up the browsers. Run these utilities one after the other:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will carry out the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch the license terms are displayed; press any key
•A backup is created, followed by the scan
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: log check

#11 Post by Trejsi91 »

Step 1 did not work for me.
For 3 hours it sat at the "ask for reboot" step, and since the Start menu only offered update and restart, I thought it could not proceed because of the update. So I restarted it manually, and since then this window appears after startup.
Výstřižek.PNG (3.93 KiB) Viewed 1731 times
I don't know whether the log is saved somewhere on C?
And whether to continue with step 2 or somehow repeat the first one?

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#12 Post by Rudy »

Try running those utilities in Safe Mode.

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: log check

#13 Post by Trejsi91 »

== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\saras\AppData\Local\AVAST Software\APM\kv_pam.db" not found
"C:\Users\saras\AppData\Local\AVAST Software\APM\sarasFfl2.dat" not found
"C:\Users\saras\AppData\Local\AVAST Software\APM\saras\kv_pam.db" not found
"C:\Users\Standa\AppData\Local\AVAST Software\APM\Standa\kv_pam.db" not found
"C:\Users\saras\AppData\Local\AVAST Software" not found
"C:\Users\Standa\AppData\Local\AVAST Software" not found
"C:\Users\Standa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" deleted
"C:\Users\Standa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found

==== EOF on ne 26.05.2019 at 12:13:51,46 ======================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Standa (Administrator) on ne 26.05.2019 at 12:21:40,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\Standa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gjajpkikblccgefaibcafkfbanllpefi (Folder)
Successfully deleted: C:\Users\Standa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mbmpjbkgemhgalmeiigcdljkccfcafoj (Folder)
Successfully deleted: C:\WINDOWS\s.bat (File)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7BAEBED8-A3DE-45FF-8B2F-5622535AB215} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 26.05.2019 at 12:28:13,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#14 Post by Rudy »

OK. Has anything changed now?

Trejsi91
Visitor
Posts: 30
Registered: 09 Mar 2019 07:54

Re: log check

#15 Post by Trejsi91 »

The ads no longer appear. For a while after startup the disk ran at 100 % (in Task Manager), but I see that after some time it dropped.

Locked