Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Individual threads are locked once resolved, as are threads that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Jakub Duha
Visitor
Posts: 11
Registered: 14 Jan 2014 20:13

Preventive check

#1 Post by Jakub Duha »

Please check my log. Chrome has started redirecting pages to fraudulent addresses (You have won... )
Attachments
frst64_report.zip
(33.93 KiB) Downloaded 82 times

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#2 Post by Rudy »

Hello!
Open Notepad and copy this into it:
Start

CloseProcesses:
Task: {3D7F22E1-47F2-4B1B-B8C8-EC3E6EAB7734} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
Task: {668D6C70-7351-4EE2-8DD4-B87E615DE9DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
HKU\S-1-5-21-514118449-1450849949-1183818836-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__180709
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
FirewallRules: [{C94C757D-0BDB-47DA-A025-A70444528D19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{A128064C-D4AD-4523-B4DA-229715B5C13C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{7DEC8C12-E887-4BE2-B152-76A65815077E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe No File
FirewallRules: [{0A71C166-55C2-409A-95E7-680D8EB99551}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe No File
FirewallRules: [UDP Query User{150202F5-D688-4A07-954E-4AFF3BE87A91}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe No File
FirewallRules: [TCP Query User{790C1D37-1D26-44AC-8360-934D6AFF2F00}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe No File
FirewallRules: [{B7E86601-6653-410D-AB51-928CC37B34E0}] => (Block) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [{2573CF53-2B38-416B-90FF-0514D6F1E93E}] => (Block) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [UDP Query User{FF332897-2BA8-4AEA-B6D1-E8383751394D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [TCP Query User{AB0526E2-024C-4415-9D79-34DBCEC1D886}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [UDP Query User{071BD7D9-BEB6-452B-8F6B-2B322CF19BEE}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [TCP Query User{8B1A7F88-9246-43DC-B0FC-64BA707BB834}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [UDP Query User{5FEDD724-7910-4B94-9817-B0CB31192F2D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [TCP Query User{FAFFC480-6BCC-4CF4-A284-0E2657D1ADE5}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [{DF1A26F5-353B-436F-9158-998B4D3D479C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{CD5030E3-3460-4722-B1D6-AA2639489359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{395C682F-5571-4229-B72B-C2985BB82356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{98ADEE72-4FE8-46A5-8CD9-01A476D3B81F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{FFF1A804-01E6-4E04-845B-DF709572C921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{C3DD8ECC-AD9F-497D-BCC8-0E294ADA5FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [UDP Query User{2EAA079C-F28D-4D61-A217-5A4F38F15ECB}C:\users\marek\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marek\appdata\roaming\utorrent web\utweb.exe No File
FirewallRules: [TCP Query User{FBA8D69C-3B63-44BA-8A3F-2F47FF2CF2AA}C:\users\marek\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marek\appdata\roaming\utorrent web\utweb.exe No File
FirewallRules: [{AB7104B5-7C50-470E-843D-C996B6FBA833}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{28EA0AD0-B2B3-4EB0-954E-B282E45F4FFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
W:\roztridit\rar\MC_CSSkspm.rar

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

Jakub Duha
Visitor
Posts: 11
Registered: 14 Jan 2014 20:13

Re: Preventive check

#3 Post by Jakub Duha »

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Ran by Marek (05-04-2020 19:53:01) Run:1
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {3D7F22E1-47F2-4B1B-B8C8-EC3E6EAB7734} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
Task: {668D6C70-7351-4EE2-8DD4-B87E615DE9DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
HKU\S-1-5-21-514118449-1450849949-1183818836-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=v ... 54__180709
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
FirewallRules: [{C94C757D-0BDB-47DA-A025-A70444528D19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{A128064C-D4AD-4523-B4DA-229715B5C13C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{7DEC8C12-E887-4BE2-B152-76A65815077E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe No File
FirewallRules: [{0A71C166-55C2-409A-95E7-680D8EB99551}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe No File
FirewallRules: [UDP Query User{150202F5-D688-4A07-954E-4AFF3BE87A91}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe No File
FirewallRules: [TCP Query User{790C1D37-1D26-44AC-8360-934D6AFF2F00}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe No File
FirewallRules: [{B7E86601-6653-410D-AB51-928CC37B34E0}] => (Block) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [{2573CF53-2B38-416B-90FF-0514D6F1E93E}] => (Block) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [UDP Query User{FF332897-2BA8-4AEA-B6D1-E8383751394D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [TCP Query User{AB0526E2-024C-4415-9D79-34DBCEC1D886}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [UDP Query User{071BD7D9-BEB6-452B-8F6B-2B322CF19BEE}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [TCP Query User{8B1A7F88-9246-43DC-B0FC-64BA707BB834}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [UDP Query User{5FEDD724-7910-4B94-9817-B0CB31192F2D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [TCP Query User{FAFFC480-6BCC-4CF4-A284-0E2657D1ADE5}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [{DF1A26F5-353B-436F-9158-998B4D3D479C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{CD5030E3-3460-4722-B1D6-AA2639489359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{395C682F-5571-4229-B72B-C2985BB82356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{98ADEE72-4FE8-46A5-8CD9-01A476D3B81F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{FFF1A804-01E6-4E04-845B-DF709572C921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{C3DD8ECC-AD9F-497D-BCC8-0E294ADA5FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [UDP Query User{2EAA079C-F28D-4D61-A217-5A4F38F15ECB}C:\users\marek\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marek\appdata\roaming\utorrent web\utweb.exe No File
FirewallRules: [TCP Query User{FBA8D69C-3B63-44BA-8A3F-2F47FF2CF2AA}C:\users\marek\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marek\appdata\roaming\utorrent web\utweb.exe No File
FirewallRules: [{AB7104B5-7C50-470E-843D-C996B6FBA833}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{28EA0AD0-B2B3-4EB0-954E-B282E45F4FFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
W:\roztridit\rar\MC_CSSkspm.rar

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D7F22E1-47F2-4B1B-B8C8-EC3E6EAB7734}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D7F22E1-47F2-4B1B-B8C8-EC3E6EAB7734}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{668D6C70-7351-4EE2-8DD4-B87E615DE9DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{668D6C70-7351-4EE2-8DD4-B87E615DE9DA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKU\S-1-5-21-514118449-1450849949-1183818836-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C94C757D-0BDB-47DA-A025-A70444528D19}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A128064C-D4AD-4523-B4DA-229715B5C13C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DEC8C12-E887-4BE2-B152-76A65815077E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A71C166-55C2-409A-95E7-680D8EB99551}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{150202F5-D688-4A07-954E-4AFF3BE87A91}C:\program files\epic games\subnautica\subnautica.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{790C1D37-1D26-44AC-8360-934D6AFF2F00}C:\program files\epic games\subnautica\subnautica.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7E86601-6653-410D-AB51-928CC37B34E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2573CF53-2B38-416B-90FF-0514D6F1E93E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FF332897-2BA8-4AEA-B6D1-E8383751394D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AB0526E2-024C-4415-9D79-34DBCEC1D886}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{071BD7D9-BEB6-452B-8F6B-2B322CF19BEE}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B1A7F88-9246-43DC-B0FC-64BA707BB834}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5FEDD724-7910-4B94-9817-B0CB31192F2D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FAFFC480-6BCC-4CF4-A284-0E2657D1ADE5}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF1A26F5-353B-436F-9158-998B4D3D479C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD5030E3-3460-4722-B1D6-AA2639489359}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{395C682F-5571-4229-B72B-C2985BB82356}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{98ADEE72-4FE8-46A5-8CD9-01A476D3B81F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFF1A804-01E6-4E04-845B-DF709572C921}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3DD8ECC-AD9F-497D-BCC8-0E294ADA5FE2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2EAA079C-F28D-4D61-A217-5A4F38F15ECB}C:\users\marek\appdata\roaming\utorrent web\utweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FBA8D69C-3B63-44BA-8A3F-2F47FF2CF2AA}C:\users\marek\appdata\roaming\utorrent web\utweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB7104B5-7C50-470E-843D-C996B6FBA833}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28EA0AD0-B2B3-4EB0-954E-B282E45F4FFC}" => removed successfully
"W:\roztridit\rar\MC_CSSkspm.rar" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 339542881 B
Java, Flash, Steam htmlcache => 354551154 B
Windows/system/drivers => 18543552 B
Edge => 494132 B
Chrome => 462491643 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3178 B
NetworkService => 105562 B
Marek => 39477195 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:53:16 ====

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#4 Post by Rudy »

Deleted. The log should be OK now.

Jakub Duha
Visitor
Posts: 11
Registered: 14 Jan 2014 20:13

Re: Preventive check

#5 Post by Jakub Duha »

Thanks,
but it still happens that in Chrome a page is occasionally redirected to "eu.insidemarketingmeaning.xyz" with the text:

"Dear UPC customer, congratulations! Over the next 7 days UPC is celebrating its anniversary, during which we want to thank you for using us as your internet provider. Every day we select 10 lucky winners..."
Unfortunately I don't know what is causing it.

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#6 Post by Rudy »

Let's also try cleaning the browsers. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako správce
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will carry out the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch the licence terms are displayed; press any key
•A backup is created, followed by a search
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.