Preventive check

Posted: 07 Feb 2019 06:58
by Tomas1995
Please check my system.

Re: Preventive check

Posted: 07 Feb 2019 08:06
by Diallix
Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked for any threats found and continue with the Clean and Repair button in the bottom-right corner.
After the PC restarts, AdwCleaner will launch; click View log file.
The log will open; copy its contents here.

Re: Preventive check

Posted: 07 Feb 2019 10:58
by Tomas1995
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-07-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Scanned: 31793
# Detected: 26


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Tomáš\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AuslogicsBoostSpeed C:\Program Files (x86)\Auslogics\BoostSpeed
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

***** [ Files ] *****

PUP.Optional.AdvancedSystemCare C:\Windows\System32\REGISTRYDEFRAGBOOTTIME.EXE

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [4365 octets] - [09/01/2019 10:10:35]
AdwCleaner[C00].txt - [2358 octets] - [09/01/2019 10:11:45]
AdwCleaner[S01].txt - [7747 octets] - [31/01/2019 18:39:08]
AdwCleaner[C01].txt - [2457 octets] - [31/01/2019 18:39:50]
AdwCleaner[S02].txt - [7296 octets] - [31/01/2019 18:41:09]
AdwCleaner[C02].txt - [2096 octets] - [31/01/2019 18:41:45]
AdwCleaner[S03].txt - [7143 octets] - [31/01/2019 18:59:54]
AdwCleaner[S04].txt - [4109 octets] - [04/02/2019 12:07:53]
AdwCleaner[C04].txt - [2134 octets] - [04/02/2019 12:08:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Re: Preventive check

Posted: 07 Feb 2019 17:33
by Diallix
Did you give the instruction to delete the items that were found?

Re: Preventive check

Posted: 07 Feb 2019 22:04
by Tomas1995
Yes, I had them deleted.

Re: Preventive check

Posted: 08 Feb 2019 04:18
by Diallix
Good. May I ask for new FRST + ADDITION logs?

Re: Preventive check

Posted: 08 Feb 2019 12:08
by Tomas1995
It is in the attachment.

Re: Preventive check

Posted: 08 Feb 2019 13:39
by Diallix

Code:

CloseProcesses:
CreateRestorePoint:

C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
S3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2019-02-07] (CPUID -> CPUID)
S3 AscFileControl; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
2019-02-07 10:53 - 2018-09-09 20:08 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\IObit
2019-02-07 10:53 - 2018-09-09 20:08 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\IObit
2019-02-07 10:53 - 2018-09-09 20:08 - 000000000 ____D C:\Program Files (x86)\IObit
2019-02-07 10:53 - 2018-09-09 20:07 - 000000000 ____D C:\ProgramData\IObit
2019-01-31 18:54 - 2019-01-31 18:54 - 000000000 _____ () C:\ProgramData\cis8EF.exe
2019-02-07 03:52 - 2019-02-07 03:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2019-02-07 03:52 - 2019-02-07 03:52 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-01-29 22:18 - 2018-09-25 19:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AvgSetupLog
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
Task: {D6736F9F-0300-4F44-8828-B9D215D4BF59} - System32\Tasks\ASC12_SkipUac_Tomáš => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {B559E842-046C-4DD1-B99B-E7CB4CADF9D8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-02-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {BEC3D958-44B2-4FDB-8E1A-3F58FDB46991} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\BigUpgrade.exe [2019-01-04] (IObit Information Technology -> IObit)

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is, choosing UTF-8 as the encoding (copy into Notepad -> File -> Save As -> Encoding: select UTF-8 -> Save).
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.

Re: Preventive check

Posted: 08 Feb 2019 14:12
by Tomas1995
Fix result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Ran by Tomáš (08-02-2019 14:10:05) Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
S3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2019-02-07] (CPUID -> CPUID)
S3 AscFileControl; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
2019-02-07 10:53 - 2018-09-09 20:08 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\IObit
2019-02-07 10:53 - 2018-09-09 20:08 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\IObit
2019-02-07 10:53 - 2018-09-09 20:08 - 000000000 ____D C:\Program Files (x86)\IObit
2019-02-07 10:53 - 2018-09-09 20:07 - 000000000 ____D C:\ProgramData\IObit
2019-01-31 18:54 - 2019-01-31 18:54 - 000000000 _____ () C:\ProgramData\cis8EF.exe
2019-02-07 03:52 - 2019-02-07 03:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2019-02-07 03:52 - 2019-02-07 03:52 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-01-29 22:18 - 2018-09-25 19:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AvgSetupLog
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {D6736F9F-0300-4F44-8828-B9D215D4BF59} - System32\Tasks\ASC12_SkipUac_Tomáš => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {B559E842-046C-4DD1-B99B-E7CB4CADF9D8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-02-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {BEC3D958-44B2-4FDB-8E1A-3F58FDB46991} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\BigUpgrade.exe [2019-01-04] (IObit Information Technology -> IObit)

EmptyTemp:

*****************

Processes closed successfully.
Restore point was successfully created.
C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully
cpuz143 => service removed successfully
HKLM\System\CurrentControlSet\Services\AscFileControl => removed successfully
AscFileControl => service removed successfully
HKLM\System\CurrentControlSet\Services\AscFileFilter => removed successfully
AscFileFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\AscRegistryFilter => removed successfully
AscRegistryFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\iobit_monitor_server => removed successfully
iobit_monitor_server => service removed successfully
C:\Users\Tomáš\AppData\Roaming\IObit => moved successfully
C:\Users\Tomáš\AppData\LocalLow\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\ProgramData\cis8EF.exe => moved successfully
C:\WINDOWS\System32\Tasks\AVG => moved successfully
C:\Program Files\Common Files\AVG => moved successfully
C:\Users\Tomáš\AppData\Local\AvgSetupLog => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6736F9F-0300-4F44-8828-B9D215D4BF59}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6736F9F-0300-4F44-8828-B9D215D4BF59}" => removed successfully
C:\WINDOWS\System32\Tasks\ASC12_SkipUac_Tomáš => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC12_SkipUac_Tomáš" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B559E842-046C-4DD1-B99B-E7CB4CADF9D8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B559E842-046C-4DD1-B99B-E7CB4CADF9D8}" => removed successfully
"C:\WINDOWS\System32\Tasks\AVG\Overseer" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BEC3D958-44B2-4FDB-8E1A-3F58FDB46991}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEC3D958-44B2-4FDB-8E1A-3F58FDB46991}" => removed successfully
C:\WINDOWS\System32\Tasks\DB Bigupgrade Task ( One Time ) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DB Bigupgrade Task ( One Time )" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13771835 B
Java, Flash, Steam htmlcache => 373342867 B
Windows/system/drivers => 85662615 B
Edge => 10240 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18730 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Tomáš => 50336184 B

RecycleBin => 0 B
EmptyTemp: => 510.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:10:26 ====

Re: Preventive check

Posted: 08 Feb 2019 14:17
by Diallix
How is the computer doing?

Re: Preventive check

Posted: 08 Feb 2019 14:44
by Tomas1995
It is doing quite a bit better, thank you.

Re: Preventive check

Posted: 08 Feb 2019 14:45
by Diallix
You're welcome :]]

Re: Preventive check

Posted: 08 Feb 2019 14:57
by Tomas1995
I would also like to ask: is the log okay, I mean apart from what it deleted?

Re: Preventive check

Posted: 08 Feb 2019 15:06
by Diallix
Yes, I don't see anything dangerous. :]]

Re: Preventive check

Posted: 08 Feb 2019 15:23
by Tomas1995
Great, thank you once again.