Thinapp bootlader error

[djmirente]

Ahojte

Dlhšiu dobu mám problém vyskakuje mi hláška:

Plus mi defender každý deň hádže do karantený súbory typu:Fuery.B!cl,Cloxer.D!cl

Tu je log z FRST

[Rudy]

Zdravím!
Máte nainstalovanou virtuálku a ta má problém se zevedením. Řešení zde: https://translate.google.com/translate? ... rev=search .

[djmirente]

Zdravím!
Máte nainstalovanou virtuálku a ta má problém se zevedením. Řešení zde: https://translate.google.com/translate? ... rev=search .

Problém je, že som si nie vedomý toho že by som inštaloval nejaký WMware jedine čo som naposledy inštaloval bol Hamachi. Ale skôr by ma zaujímali tie súbory, ktoré defender ukladá do karantény a stále po štarte windowsu sa objavujú.

[Rudy]

OK, zkusíme PC vyčistit. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[djmirente]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-08-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://websearch.searchingissme.info/?unqvl=23

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1979 octets] - [08/01/2019 18:27:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Dejte nové logy FRST+Addition.

[djmirente]

Pripájam nový frst log

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-4254272432-1314880526-15813765-1001\...\MountPoints2: {a95ecd82-726a-11e6-9bd5-93b162a9a192} - "F:\autorun.exe" Launch.hta
HKU\S-1-5-21-4254272432-1314880526-15813765-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-4254272432-1314880526-15813765-1001 -> DefaultScope {A9C35B68-45D5-4E74-955D-170D3FEF8EBE} URL =
SearchScopes: HKU\S-1-5-21-4254272432-1314880526-15813765-1001 -> {A9C35B68-45D5-4E74-955D-170D3FEF8EBE} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Miroslav Šušovica\AppData\Local\SQ.RemoverDelete.bat
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {17ACE940-39C5-4899-92A3-F81511652928} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-19] (Google Inc.)
Task: {806718BB-2972-4288-9016-EE5F3C301848} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-19] (Google Inc.)
Task: {A21266AA-EC01-4F21-AE4C-6C7A5B7819ED} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {CDE98BF1-F921-4ADC-A5ED-3D427F65E081} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
FirewallRules: [TCP Query User{710CA5B2-1A25-42B5-BF4A-E8FBEF00D5CD}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe No File
FirewallRules: [UDP Query User{76F4C08A-0B2C-4775-B9EB-E52B6FB2A309}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe No File
FirewallRules: [{6A32FCFC-0BB7-42C5-95BE-17541BFA75C6}] => (Allow) C:\Users\Miroslav Šušovica\Downloads\bin\BlackDesert32.exe No File
FirewallRules: [{DE7DD4A5-BF62-41EC-9338-A9408825A312}] => (Allow) C:\Users\Miroslav Šušovica\Downloads\bin64\BlackDesert64.exe No File
FirewallRules: [{01051A6A-68BA-406E-A35E-9470207CF1D7}] => (Allow) C:\Users\Miroslav Šušovica\Downloads\BlackDesert_Launcher.exe No File
FirewallRules: [{2B807704-BE9F-4EBF-9924-D53B7A37915E}] => (Allow) C:\Users\Miroslav Šušovica\Downloads\BlackDesert_Downloader.exe No File
FirewallRules: [TCP Query User{CB204E41-2CA0-4B16-831F-DA5926757020}D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [UDP Query User{46A3A4F9-73A4-4954-847D-FD6B1195A3E9}D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [TCP Query User{683D2F88-EC8D-4717-BA8D-1C235B165051}C:\users\miroslav šušovica\appdata\local\temp\rar$ex46.824\rmp.exe] => (Allow) C:\users\miroslav šušovica\appdata\local\temp\rar$ex46.824\rmp.exe No File
FirewallRules: [UDP Query User{74DDB53D-8E1B-4130-BCBA-AF147562D04D}C:\users\miroslav šušovica\appdata\local\temp\rar$ex46.824\rmp.exe] => (Allow) C:\users\miroslav šušovica\appdata\local\temp\rar$ex46.824\rmp.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[djmirente]

Hotovo ale žial defender stále dáva tie súbory do karantény a teraz je tam aj jeden nový: Zpevdo.A


Fix result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019
Ran by Miroslav Šušovica (09-01-2019 16:19:42) Run:1
Running from C:\Users\Miroslav Šušovica\Desktop
Loaded Profiles: Miroslav Šušovica (Available Profiles: Miroslav Šušovica)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-4254272432-1314880526-15813765-1001\...\MountPoints2: {a95ecd82-726a-11e6-9bd5-93b162a9a192} - "F:\autorun.exe" Launch.hta
HKU\S-1-5-21-4254272432-1314880526-15813765-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-4254272432-1314880526-15813765-1001 -> DefaultScope {A9C35B68-45D5-4E74-955D-170D3FEF8EBE} URL =
SearchScopes: HKU\S-1-5-21-4254272432-1314880526-15813765-1001 -> {A9C35B68-45D5-4E74-955D-170D3FEF8EBE} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Miroslav �u�ovica\AppData\Local\SQ.RemoverDelete.bat
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {17ACE940-39C5-4899-92A3-F81511652928} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-19] (Google Inc.)
Task: {806718BB-2972-4288-9016-EE5F3C301848} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-19] (Google Inc.)
Task: {A21266AA-EC01-4F21-AE4C-6C7A5B7819ED} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {CDE98BF1-F921-4ADC-A5ED-3D427F65E081} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
FirewallRules: [TCP Query User{710CA5B2-1A25-42B5-BF4A-E8FBEF00D5CD}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe No File
FirewallRules: [UDP Query User{76F4C08A-0B2C-4775-B9EB-E52B6FB2A309}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe No File
FirewallRules: [{6A32FCFC-0BB7-42C5-95BE-17541BFA75C6}] => (Allow) C:\Users\Miroslav �u�ovica\Downloads\bin\BlackDesert32.exe No File
FirewallRules: [{DE7DD4A5-BF62-41EC-9338-A9408825A312}] => (Allow) C:\Users\Miroslav �u�ovica\Downloads\bin64\BlackDesert64.exe No File
FirewallRules: [{01051A6A-68BA-406E-A35E-9470207CF1D7}] => (Allow) C:\Users\Miroslav �u�ovica\Downloads\BlackDesert_Launcher.exe No File
FirewallRules: [{2B807704-BE9F-4EBF-9924-D53B7A37915E}] => (Allow) C:\Users\Miroslav �u�ovica\Downloads\BlackDesert_Downloader.exe No File
FirewallRules: [TCP Query User{CB204E41-2CA0-4B16-831F-DA5926757020}D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [UDP Query User{46A3A4F9-73A4-4954-847D-FD6B1195A3E9}D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [TCP Query User{683D2F88-EC8D-4717-BA8D-1C235B165051}C:\users\miroslav �u�ovica\appdata\local\temp\rar$ex46.824\rmp.exe] => (Allow) C:\users\miroslav �u�ovica\appdata\local\temp\rar$ex46.824\rmp.exe No File
FirewallRules: [UDP Query User{74DDB53D-8E1B-4130-BCBA-AF147562D04D}C:\users\miroslav �u�ovica\appdata\local\temp\rar$ex46.824\rmp.exe] => (Allow) C:\users\miroslav �u�ovica\appdata\local\temp\rar$ex46.824\rmp.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-4254272432-1314880526-15813765-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a95ecd82-726a-11e6-9bd5-93b162a9a192} => removed successfully
HKLM\Software\Classes\CLSID\{a95ecd82-726a-11e6-9bd5-93b162a9a192} => not found
"HKU\S-1-5-21-4254272432-1314880526-15813765-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-4254272432-1314880526-15813765-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4254272432-1314880526-15813765-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A9C35B68-45D5-4E74-955D-170D3FEF8EBE} => removed successfully
HKLM\Software\Classes\CLSID\{A9C35B68-45D5-4E74-955D-170D3FEF8EBE} => not found
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"C:\Users\Miroslav �u�ovica\AppData\Local\SQ.RemoverDelete.bat" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17ACE940-39C5-4899-92A3-F81511652928}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17ACE940-39C5-4899-92A3-F81511652928}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{806718BB-2972-4288-9016-EE5F3C301848}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{806718BB-2972-4288-9016-EE5F3C301848}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A21266AA-EC01-4F21-AE4C-6C7A5B7819ED}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A21266AA-EC01-4F21-AE4C-6C7A5B7819ED}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDE98BF1-F921-4ADC-A5ED-3D427F65E081}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDE98BF1-F921-4ADC-A5ED-3D427F65E081}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{710CA5B2-1A25-42B5-BF4A-E8FBEF00D5CD}C:\program files (x86)\magicplus\magicplus.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{76F4C08A-0B2C-4775-B9EB-E52B6FB2A309}C:\program files (x86)\magicplus\magicplus.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A32FCFC-0BB7-42C5-95BE-17541BFA75C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE7DD4A5-BF62-41EC-9338-A9408825A312}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01051A6A-68BA-406E-A35E-9470207CF1D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B807704-BE9F-4EBF-9924-D53B7A37915E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CB204E41-2CA0-4B16-831F-DA5926757020}D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{46A3A4F9-73A4-4954-847D-FD6B1195A3E9}D:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{683D2F88-EC8D-4717-BA8D-1C235B165051}C:\users\miroslav �u�ovica\appdata\local\temp\rar$ex46.824\rmp.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{74DDB53D-8E1B-4130-BCBA-AF147562D04D}C:\users\miroslav �u�ovica\appdata\local\temp\rar$ex46.824\rmp.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 181148387 B
Java, Flash, Steam htmlcache => 43365924 B
Windows/system/drivers => 1196586 B
Edge => 1443932 B
Chrome => 352414667 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 234524 B
NetworkService => 0 B
Miroslav Šušovica => 18137815 B

RecycleBin => 0 B
EmptyTemp: => 578 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:21:03 ====

[Rudy]

OK. Udělějte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde.

[djmirente]

Hotovo vyzerá to tak, že všetko je ako má byť. Ďakujem

[Rudy]

Nemáte zač!