Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka pls
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Preventivka pls
zdravím, rád bych vás poprosil o preventivku
- Přílohy
-
- FRST,ADDITION,LOG.rar
- (32.51 KiB) Staženo 86 x
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka pls
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka pls
díky moc, vyskočily dva tak sem dávám oba
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 57
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
Deleted C:\Users\já\AppData\Local\UCBrowser
Deleted C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
Deleted C:\Users\já\AppData\Roaming\Seznam.cz
Deleted C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
***** [ Files ] *****
Deleted C:\Users\já\AppData\Roaming\Installer.dat
Deleted C:\Users\já\AppData\Roaming\Main.dat
Deleted C:\Users\já\AppData\Roaming\agent.dat
Deleted C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted C:\Windows\Syswow64\kz.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\UPDATER_ONLINE_APPLICATION
Deleted C:\Windows\Tasks\UPDATER_ONLINE_APPLICATION.JOB
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted HKCU\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted HKLM\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted HKLM\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted HKLM\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted HKLM\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{052FC55C-49A4-4FDF-9703-7B53B2D36668}
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:29
# OS: Windows 10 Home
# Scanned: 27501
# Detected: 57
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.DriverDoc C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
PUP.Optional.OnlineIO C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\já\AppData\Roaming\Seznam.cz
PUP.Optional.UCBrowser C:\Users\já\AppData\Local\UCBrowser
PUP.Optional.UCBrowser C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\já\AppData\Roaming\Installer.dat
PUP.Optional.Legacy C:\Users\já\AppData\Roaming\Main.dat
PUP.Optional.Legacy C:\Users\já\AppData\Roaming\agent.dat
PUP.Optional.Legacy C:\Windows\Syswow64\kz.exe
PUP.Optional.OnlineIO C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
PUP.Optional.Microleaves C:\Windows\System32\Tasks\UPDATER_ONLINE_APPLICATION
PUP.Optional.Microleaves C:\Windows\Tasks\UPDATER_ONLINE_APPLICATION.JOB
***** [ Registry ] *****
Adware.OnlineIO HKLM\Software\Wow6432Node\Microleaves
PUP.Adware.Heuristic HKCU\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\E88669B7DA6BB7C8C829370719556C18
PUP.Adware.Heuristic HKU\.DEFAULT\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
PUP.Adware.Heuristic HKU\S-1-5-18\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
PUP.Optional.Legacy HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|KuaiZip Shell Extension
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\xvb`lj
PUP.Optional.Legacy HKLM\Software\xvb`lj
PUP.Optional.Legacy HKU\.DEFAULT\Software\xvb`lj
PUP.Optional.Legacy HKU\S-1-5-18\Software\xvb`lj
PUP.Optional.Microleaves HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{052FC55C-49A4-4FDF-9703-7B53B2D36668}
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 57
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
Deleted C:\Users\já\AppData\Local\UCBrowser
Deleted C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
Deleted C:\Users\já\AppData\Roaming\Seznam.cz
Deleted C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
***** [ Files ] *****
Deleted C:\Users\já\AppData\Roaming\Installer.dat
Deleted C:\Users\já\AppData\Roaming\Main.dat
Deleted C:\Users\já\AppData\Roaming\agent.dat
Deleted C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted C:\Windows\Syswow64\kz.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\UPDATER_ONLINE_APPLICATION
Deleted C:\Windows\Tasks\UPDATER_ONLINE_APPLICATION.JOB
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted HKCU\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted HKLM\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted HKLM\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted HKLM\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted HKLM\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{052FC55C-49A4-4FDF-9703-7B53B2D36668}
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:29
# OS: Windows 10 Home
# Scanned: 27501
# Detected: 57
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.DriverDoc C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
PUP.Optional.OnlineIO C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\já\AppData\Roaming\Seznam.cz
PUP.Optional.UCBrowser C:\Users\já\AppData\Local\UCBrowser
PUP.Optional.UCBrowser C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\já\AppData\Roaming\Installer.dat
PUP.Optional.Legacy C:\Users\já\AppData\Roaming\Main.dat
PUP.Optional.Legacy C:\Users\já\AppData\Roaming\agent.dat
PUP.Optional.Legacy C:\Windows\Syswow64\kz.exe
PUP.Optional.OnlineIO C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
PUP.Optional.Microleaves C:\Windows\System32\Tasks\UPDATER_ONLINE_APPLICATION
PUP.Optional.Microleaves C:\Windows\Tasks\UPDATER_ONLINE_APPLICATION.JOB
***** [ Registry ] *****
Adware.OnlineIO HKLM\Software\Wow6432Node\Microleaves
PUP.Adware.Heuristic HKCU\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\E88669B7DA6BB7C8C829370719556C18
PUP.Adware.Heuristic HKU\.DEFAULT\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
PUP.Adware.Heuristic HKU\S-1-5-18\SOFTWARE\E88669B7DA6BB7C8C829370719556C18
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
PUP.Optional.Legacy HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|KuaiZip Shell Extension
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\xvb`lj
PUP.Optional.Legacy HKLM\Software\xvb`lj
PUP.Optional.Legacy HKU\.DEFAULT\Software\xvb`lj
PUP.Optional.Legacy HKU\S-1-5-18\Software\xvb`lj
PUP.Optional.Microleaves HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{052FC55C-49A4-4FDF-9703-7B53B2D36668}
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka pls
V ADW ještě klikněte na mazání, restartujte a dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka pls
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\já\Desktop\cisteni jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\MountPoints2: {b1cac865-76e1-11e7-9f74-206a8aa24e4f} - "G:\SETUP.EXE"
Task: {44709A01-1AD2-46FA-90B3-42E04B66F36C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\AutoKMS.exe
Task: {7BC08E76-4DCF-4845-B7C1-9481CD58AEAF} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: {8A87214A-013F-4C66-AF71-F39D199D90D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {987CD27B-D8C0-4184-A59C-265845EF93F5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DF5EBB34-3CE7-471F-8862-B6A81F4BB839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll => No File
U3 aswbdisk; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers2: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ontextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [UDP Query User{370F44EC-2BD2-4191-8BE9-42AAE43A7940}C:\users\já\appdata\local\crossout\launcher.exe] => (Allow) C:\users\já\appdata\local\crossout\launcher.exe No File
FirewallRules: [TCP Query User{3A668260-03D9-4EC6-A366-DBE8669C71A6}C:\users\já\appdata\local\crossout\launcher.exe] => (Allow) C:\users\já\appdata\local\crossout\launcher.exe No File
FirewallRules: [UDP Query User{14F3A31B-BDC5-4BCC-A8EC-A883F852880D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Block) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{DF1450D1-ED28-4535-9C7C-E467FB99E39A}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Block) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [{A3CBD487-37E8-49D4-A58D-ED4456B9C9FD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{772A1E77-B4FF-4DE2-A8A2-1A968B304AFF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
EmptyTemp:
End
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka pls
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by já (03-06-2019 20:25:37) Run:1
Running from C:\Users\já\Desktop\cisteni
Loaded Profiles: já (Available Profiles: já)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\MountPoints2: {b1cac865-76e1-11e7-9f74-206a8aa24e4f} - "G:\SETUP.EXE"
Task: {44709A01-1AD2-46FA-90B3-42E04B66F36C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\AutoKMS.exe
Task: {7BC08E76-4DCF-4845-B7C1-9481CD58AEAF} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: {8A87214A-013F-4C66-AF71-F39D199D90D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {987CD27B-D8C0-4184-A59C-265845EF93F5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DF5EBB34-3CE7-471F-8862-B6A81F4BB839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll => No File
U3 aswbdisk; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers2: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ontextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [UDP Query User{370F44EC-2BD2-4191-8BE9-42AAE43A7940}C:\users\j�\appdata\local\crossout\launcher.exe] => (Allow) C:\users\j�\appdata\local\crossout\launcher.exe No File
FirewallRules: [TCP Query User{3A668260-03D9-4EC6-A366-DBE8669C71A6}C:\users\j�\appdata\local\crossout\launcher.exe] => (Allow) C:\users\j�\appdata\local\crossout\launcher.exe No File
FirewallRules: [UDP Query User{14F3A31B-BDC5-4BCC-A8EC-A883F852880D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Block) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{DF1450D1-ED28-4535-9C7C-E467FB99E39A}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Block) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [{A3CBD487-37E8-49D4-A58D-ED4456B9C9FD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{772A1E77-B4FF-4DE2-A8A2-1A968B304AFF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
EmptyTemp:
End
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-912284268-512413669-3595411638-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1cac865-76e1-11e7-9f74-206a8aa24e4f} => removed successfully
HKLM\Software\Classes\CLSID\{b1cac865-76e1-11e7-9f74-206a8aa24e4f} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44709A01-1AD2-46FA-90B3-42E04B66F36C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44709A01-1AD2-46FA-90B3-42E04B66F36C}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"C:\WINDOWS\AutoKMS.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BC08E76-4DCF-4845-B7C1-9481CD58AEAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC08E76-4DCF-4845-B7C1-9481CD58AEAF}" => removed successfully
C:\WINDOWS\System32\Tasks\UCBrowserUpdater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A87214A-013F-4C66-AF71-F39D199D90D1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A87214A-013F-4C66-AF71-F39D199D90D1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{987CD27B-D8C0-4184-A59C-265845EF93F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987CD27B-D8C0-4184-A59C-265845EF93F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF5EBB34-3CE7-471F-8862-B6A81F4BB839}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5EBB34-3CE7-471F-8862-B6A81F4BB839}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\KuaiZip2ShlExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\KuaiZip2ShlExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\KuaiZip2ShlExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
ontextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{370F44EC-2BD2-4191-8BE9-42AAE43A7940}C:\users\j�\appdata\local\crossout\launcher.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A668260-03D9-4EC6-A366-DBE8669C71A6}C:\users\j�\appdata\local\crossout\launcher.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14F3A31B-BDC5-4BCC-A8EC-A883F852880D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DF1450D1-ED28-4535-9C7C-E467FB99E39A}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3CBD487-37E8-49D4-A58D-ED4456B9C9FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{772A1E77-B4FF-4DE2-A8A2-1A968B304AFF}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 227559846 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 19286801 B
Edge => 531946 B
Chrome => 420706375 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 54326 B
LocalService => 0 B
NetworkService => 35938 B
NetworkService => 0 B
já => 8077001 B
RecycleBin => 266771130 B
EmptyTemp: => 909.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:28:50 ====
Ran by já (03-06-2019 20:25:37) Run:1
Running from C:\Users\já\Desktop\cisteni
Loaded Profiles: já (Available Profiles: já)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\MountPoints2: {b1cac865-76e1-11e7-9f74-206a8aa24e4f} - "G:\SETUP.EXE"
Task: {44709A01-1AD2-46FA-90B3-42E04B66F36C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\AutoKMS.exe
Task: {7BC08E76-4DCF-4845-B7C1-9481CD58AEAF} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: {8A87214A-013F-4C66-AF71-F39D199D90D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {987CD27B-D8C0-4184-A59C-265845EF93F5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DF5EBB34-3CE7-471F-8862-B6A81F4BB839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll => No File
U3 aswbdisk; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers2: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [KuaiZip2ShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ontextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [UDP Query User{370F44EC-2BD2-4191-8BE9-42AAE43A7940}C:\users\j�\appdata\local\crossout\launcher.exe] => (Allow) C:\users\j�\appdata\local\crossout\launcher.exe No File
FirewallRules: [TCP Query User{3A668260-03D9-4EC6-A366-DBE8669C71A6}C:\users\j�\appdata\local\crossout\launcher.exe] => (Allow) C:\users\j�\appdata\local\crossout\launcher.exe No File
FirewallRules: [UDP Query User{14F3A31B-BDC5-4BCC-A8EC-A883F852880D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Block) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{DF1450D1-ED28-4535-9C7C-E467FB99E39A}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Block) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [{A3CBD487-37E8-49D4-A58D-ED4456B9C9FD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{772A1E77-B4FF-4DE2-A8A2-1A968B304AFF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
EmptyTemp:
End
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-912284268-512413669-3595411638-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1cac865-76e1-11e7-9f74-206a8aa24e4f} => removed successfully
HKLM\Software\Classes\CLSID\{b1cac865-76e1-11e7-9f74-206a8aa24e4f} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44709A01-1AD2-46FA-90B3-42E04B66F36C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44709A01-1AD2-46FA-90B3-42E04B66F36C}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"C:\WINDOWS\AutoKMS.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BC08E76-4DCF-4845-B7C1-9481CD58AEAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC08E76-4DCF-4845-B7C1-9481CD58AEAF}" => removed successfully
C:\WINDOWS\System32\Tasks\UCBrowserUpdater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A87214A-013F-4C66-AF71-F39D199D90D1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A87214A-013F-4C66-AF71-F39D199D90D1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{987CD27B-D8C0-4184-A59C-265845EF93F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987CD27B-D8C0-4184-A59C-265845EF93F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF5EBB34-3CE7-471F-8862-B6A81F4BB839}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5EBB34-3CE7-471F-8862-B6A81F4BB839}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\KuaiZip2ShlExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\KuaiZip2ShlExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\KuaiZip2ShlExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3F} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
ontextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{370F44EC-2BD2-4191-8BE9-42AAE43A7940}C:\users\j�\appdata\local\crossout\launcher.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A668260-03D9-4EC6-A366-DBE8669C71A6}C:\users\j�\appdata\local\crossout\launcher.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14F3A31B-BDC5-4BCC-A8EC-A883F852880D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DF1450D1-ED28-4535-9C7C-E467FB99E39A}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3CBD487-37E8-49D4-A58D-ED4456B9C9FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{772A1E77-B4FF-4DE2-A8A2-1A968B304AFF}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 227559846 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 19286801 B
Edge => 531946 B
Chrome => 420706375 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 54326 B
LocalService => 0 B
NetworkService => 35938 B
NetworkService => 0 B
já => 8077001 B
RecycleBin => 266771130 B
EmptyTemp: => 909.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:28:50 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka pls
OK, log by již měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka pls
díky moc 
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka pls
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?