Stránka 1 z 1

Vyskakovací okno s reklamou a pomalejší pc

Napsal: 07 říj 2019 11:19
od heanka
Dobrý den,
prosím o kontrolu logu. Vyskakuje mi často v pravém dolním rohu oknu s reklamou gretaith . com.
Pc je pomalejší.
Děkuji moc za ochotu a váš čas :)

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 07 říj 2019 12:04
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 07 říj 2019 13:17
od heanka
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-07-2019
# Duration: 00:00:23
# OS: Windows 10 Pro
# Cleaned: 20
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\Uživatel\Downloads\ReimageRepair.exe
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [27092 octets] - [07/10/2019 14:05:41]
AdwCleaner[S00].txt - [3223 octets] - [07/10/2019 14:06:58]
AdwCleaner[S01].txt - [3285 octets] - [07/10/2019 14:09:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 07 říj 2019 16:37
od Rudy
Dejte nové logy FRST+Addition.

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 08 říj 2019 10:01
od heanka
Posílám a děkuji

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 08 říj 2019 14:40
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Users\Dobrá Srdce\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-862277543-4192878116-4282174110-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Dobrá Srdce\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3CE2E939-95F7-4338-9417-F2FD1A51BDAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-13] (Google Inc -> Google Inc.)
Task: {5FEDCB68-B8D2-4F71-B9F6-FE0C7AADC5B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-13] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{2157681C-CB7F-43FB-A6BA-99633D333FE0}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{DB0F63E8-4573-4CED-AF9E-D84C8D1341DB}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{8592138E-CE99-4B89-BEE9-AE7233509E8F}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{01EDB0C3-39A3-4553-AB8C-2F2107FF4E38}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{E1A06453-6C13-4D6B-9200-77CEC5B70661}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe No File
FirewallRules: [{C1105311-F9F7-48C2-B215-490A27758ADD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe No File
FirewallRules: [{094E032A-B6F9-46CF-9E24-B0B85DEE4098}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe No File
FirewallRules: [{035216BE-4176-4B12-A3A8-2A3B5E7E80FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe No File
FirewallRules: [{929A5CDC-5614-4796-A051-26946D22E199}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe No File
FirewallRules: [{E577D4FE-657E-4696-9CC6-03B42F94F58C}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.exe No File
FirewallRules: [{6ACFCB4B-0DFB-43F5-B4CE-6FF86709D796}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.x86.exe No File
FirewallRules: [{3CD64613-4C61-4343-AAA3-ACCAEBC2573D}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.exe No File
FirewallRules: [{D5AC4C74-C406-422A-BC67-68876C6A19D4}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.x86.exe No File
FirewallRules: [{7B2FC321-E75B-46ED-82B5-FD7D480EC67E}] => (Allow) C:\Users\Dobrá Srdce\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{090FECFF-179D-45C1-A757-06F49D754043}] => (Allow) C:\Users\Dobrá Srdce\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 08 říj 2019 15:58
od heanka
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by Dobrá Srdce (08-10-2019 16:45:28) Run:1
Running from C:\Users\Dobrá Srdce\Desktop
Loaded Profiles: Dobrá Srdce (Available Profiles: Dobrá Srdce & Uživatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\Dobrá Srdce\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-862277543-4192878116-4282174110-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Dobrá Srdce\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3CE2E939-95F7-4338-9417-F2FD1A51BDAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-13] (Google Inc -> Google Inc.)
Task: {5FEDCB68-B8D2-4F71-B9F6-FE0C7AADC5B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-13] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{2157681C-CB7F-43FB-A6BA-99633D333FE0}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{DB0F63E8-4573-4CED-AF9E-D84C8D1341DB}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{8592138E-CE99-4B89-BEE9-AE7233509E8F}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{01EDB0C3-39A3-4553-AB8C-2F2107FF4E38}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{E1A06453-6C13-4D6B-9200-77CEC5B70661}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe No File
FirewallRules: [{C1105311-F9F7-48C2-B215-490A27758ADD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe No File
FirewallRules: [{094E032A-B6F9-46CF-9E24-B0B85DEE4098}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe No File
FirewallRules: [{035216BE-4176-4B12-A3A8-2A3B5E7E80FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe No File
FirewallRules: [{929A5CDC-5614-4796-A051-26946D22E199}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe No File
FirewallRules: [{E577D4FE-657E-4696-9CC6-03B42F94F58C}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.exe No File
FirewallRules: [{6ACFCB4B-0DFB-43F5-B4CE-6FF86709D796}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.x86.exe No File
FirewallRules: [{3CD64613-4C61-4343-AAA3-ACCAEBC2573D}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.exe No File
FirewallRules: [{D5AC4C74-C406-422A-BC67-68876C6A19D4}] => (Allow) C:\Program Files\NiceLabel\NiceLabel 2017\bin.net\NiceLabelAutomationService2017.x86.exe No File
FirewallRules: [{7B2FC321-E75B-46ED-82B5-FD7D480EC67E}] => (Allow) C:\Users\Dobrá Srdce\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{090FECFF-179D-45C1-A757-06F49D754043}] => (Allow) C:\Users\Dobrá Srdce\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\Dobrá Srdce\AppData\Local\Akamai => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-862277543-4192878116-4282174110-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3CE2E939-95F7-4338-9417-F2FD1A51BDAD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CE2E939-95F7-4338-9417-F2FD1A51BDAD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FEDCB68-B8D2-4F71-B9F6-FE0C7AADC5B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FEDCB68-B8D2-4F71-B9F6-FE0C7AADC5B4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2157681C-CB7F-43FB-A6BA-99633D333FE0}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB0F63E8-4573-4CED-AF9E-D84C8D1341DB}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8592138E-CE99-4B89-BEE9-AE7233509E8F}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{01EDB0C3-39A3-4553-AB8C-2F2107FF4E38}C:\users\dobrá srdce\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1A06453-6C13-4D6B-9200-77CEC5B70661}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1105311-F9F7-48C2-B215-490A27758ADD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{094E032A-B6F9-46CF-9E24-B0B85DEE4098}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{035216BE-4176-4B12-A3A8-2A3B5E7E80FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{929A5CDC-5614-4796-A051-26946D22E199}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E577D4FE-657E-4696-9CC6-03B42F94F58C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6ACFCB4B-0DFB-43F5-B4CE-6FF86709D796}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CD64613-4C61-4343-AAA3-ACCAEBC2573D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5AC4C74-C406-422A-BC67-68876C6A19D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B2FC321-E75B-46ED-82B5-FD7D480EC67E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{090FECFF-179D-45C1-A757-06F49D754043}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 200108481 B
Java, Flash, Steam htmlcache => 1241 B
Windows/system/drivers => 2492195 B
Edge => 43358056 B
Chrome => 464438986 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 59962 B
LocalService => 59962 B
NetworkService => 72998 B
NetworkService => 72998 B
Dobrá Srdce => 123605883 B
Uživatel => 300649343 B

RecycleBin => 31184880 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:51:06 ====

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 08 říj 2019 16:56
od Rudy
Smazáno. Nastala nějaká změna?

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 08 říj 2019 20:00
od heanka
Okno stále vyskakuje

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 08 říj 2019 21:01
od Rudy
Vyčistíme prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 09 říj 2019 17:11
od heanka
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Dobr  Srdce on 09.10.2019 at 16:58:28,05.
Microsoft Windows 10 Pro 10.0.18362 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DOBRSR~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09.10.2019 17:13:56 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\DOBRSR~1\AppData\Local\DBG deleted successfully
C:\Users\DOBRSR~1\AppData\Local\PeerDistRepub deleted successfully
C:\Users\DOBRSR~1\AppData\Local\VirtualStore deleted successfully
C:\Users\UIVATE~1\AppData\Local\DBG deleted successfully
C:\Users\UIVATE~1\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\Users\UIVATE~1\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\7en47v0d.default\prefs.js:

Added to C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\7en47v0d.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\vtzscxl4.default\prefs.js:

Added to C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\vtzscxl4.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Freemake not found
C:\PROGRA~3\Package Cache deleted
C:\Users\UIVATE~1\AppData\Local\Unity deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM22245.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2567B.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM26795.tmp deleted
"C:\WINDOWS\Installer\ab5fcb9.msi" deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe" deleted
"C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5\service.log" not deleted
"C:\Users\DOBRSR~1\AppData\Local\AVAST Software\APM\Dobrá SrdceFfl2.dat" deleted
"C:\Users\UIVATE~1\AppData\Local\AVAST Software\APM\UživatelFfl2.dat" deleted
"C:\PROGRA~2\PDF Architect 5 Manager" not deleted
"C:\PROGRA~3\{A7FC83AA-CF1C-44DC-850F-DDC734731254}" deleted
"C:\Users\DOBRSR~1\AppData\Local\AVAST Software" not deleted
"C:\Users\UIVATE~1\AppData\Local\AVAST Software" not deleted
"C:\Users\UIVATE~1\AppData\LocalLow\Unity" deleted
"C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5" not deleted
"C:\Users\DOBRSR~1\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\DOBRSR~1\AppData\Local\AVAST Software\APM\Dobrá Srdce" deleted
"C:\Users\UIVATE~1\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\UIVATE~1\AppData\Local\AVAST Software\APM\Uživatel" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\7en47v0d.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\vtzscxl4.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"web2pdfextension.17@acrobat.adobe.com"="C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi" [01.05.2019 12:48]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension.17@acrobat.adobe.com"="C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi" [01.05.2019 12:48]

==== Firefox Extensions ======================

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\7en47v0d.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\vtzscxl4.default
- Undetermined - C:\Users\UĹľivatel\AppData\Roaming\Thunderbird\Profiles\vtzscxl4.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 77.0.3865.90

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

PomocnĂ­k GIVT.cz - DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop
Chrome Media Router - DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Uberwordi - UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmdobmfkpgmienhggeodlppemiiodie
Avast Online Security - UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D98903845AF5FD140AF2D5B1D4C5378B deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4830989D-5FA5-41DF-A02F-5D1B4D5C73B8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D98903845AF5FD140AF2D5B1D4C5378B deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\IE\5U0P6120 will be deleted at reboot
C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\IE\EDO9N37O will be deleted at reboot
C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\IE\PDW3R35J will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\UIVATE~1\AppData\Local\Mozilla\Firefox\Profiles\7en47v0d.default\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\DOBRSR~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3223 folders=1288 479596520 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DOBRSR~1\AppData\Local\Temp will be emptied at reboot
C:\Users\UIVATE~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\DOBRSR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5\service.log" not found
"C:\PROGRA~2\PDF Architect 5 Manager" not found
"C:\Users\DOBRSR~1\AppData\Local\AVAST Software" not found
"C:\Users\UIVATE~1\AppData\Local\AVAST Software" not found
"C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\IE\5U0P6120" not found
"C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\IE\EDO9N37O" not found
"C:\Users\DOBRSR~1\AppData\Local\Microsoft\Windows\INetCache\IE\PDW3R35J" not found

==== EOF on 09.10.2019 at 17:56:51,37 ======================



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Dobr  Srdce (Administrator) on 09.10.2019 at 18:01:34,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 3

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{84F23192-A475-4038-B5C0-8584777F2DF4} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.10.2019 at 18:12:12,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 09 říj 2019 17:49
od Rudy
OK. Změnilo se něco?

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 09 říj 2019 19:59
od heanka
Vypadá to nadějně, děkuji moc.
Mám pc zaplé půl hodinky cca, je rychlejší a zatím žádné okno nevyskočilo.

Re: Vyskakovací okno s reklamou a pomalejší pc

Napsal: 09 říj 2019 20:52
od Rudy
Tak to jsem rád. Nemáte zač! :)