VIRY.CZ

Děkuji za snahu.

elzad píše:Děkuji za snahu.

To má být co? Jen jsem vás požádal o jiný log, abych vám nenabořil systém. Chcete-li, budu mazat z RSITu a případné poškození půjde na váš vrub.

Ne tak jsem to nemyslel, asi jsem špatně pochopil vaší poznámku.
Stažení FRSTLauncheru
Odkaz ke stažení: http://viry.xf.cz/pro_usery/FRSTLauncher.exe
Toto mi píše:
Web, na který se chystáte přejít, obsahuje škodlivé programy
Útočníci na webu viry.xf.cz by se mohli pokusit přimět vás k instalaci programů, které nepříznivě ovlivní procházení webu (například změní vaši domovskou stránku nebo na navštěvovaných stránkách budou zobrazovat další reklamy).

I když se pokusím soubor stáhnout, tak se hned smaže.

Vypněte antivir pro tento případ. FRSTLauncher není virus (běžně ho tu používáme), jen se některým AV nelíbí.

Ukončil jsem všechny anti programy, podařilo se stáhnout FRSTLauncher a přesunul jsem jej na plochu.
Když jej spustím, napíše mi, že není na ploše a mám jej tam přesunout a zavře se.

Zkuste to v jiném adresáři, případně použijte běžný FRST.

Povedlo se.

Otevřte poznámkový blok a zkopírujte do něj:

Start
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4146426845-2697671883-2344395422-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Edge Extension: (No Name) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => path not found
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => path not found
CHR HomePage: Default -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5Wtoi8EPr9iHii-pbafgKkd5cz36zPXSl7Ncj9UxkuyyJ5U8d15qXG2Y7V2l_rH_lyjv8ZT37wYFnjrS6ZFvikdjRaTQH9ihd-zkKzisGjzkacxe7PbZNGU7Eeg6jt2VThNJSZhSmAeYNLxenY0QaFjYGXVjwA,,
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/","hxxp://www.mystartsea ... tsurf.com/?
U1 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\aswDE55.tmp
C:\WINDOWS\system32\Drivers\aswDCE6.tmp
C:\WINDOWS\system32\Drivers\aswDE05.tmp
C:\WINDOWS\system32\Drivers\aswDE15.tmp
C:\WINDOWS\system32\Drivers\aswDDA5.tmp
C:\WINDOWS\system32\Drivers\aswDD26.tmp
C:\WINDOWS\system32\Drivers\aswDDB6.tmp
C:\WINDOWS\system32\Drivers\aswDD66.tmp
C:\WINDOWS\system32\Drivers\aswDCF6.tmp
C:\WINDOWS\system32\Drivers\aswDC47.tmp
C:\WINDOWS\system32\Drivers\aswDBF7.tmp
C:\WINDOWS\system32\Drivers\aswDC17.tmp
C:\WINDOWS\system32\Drivers\aswDC58.tmp
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\mntemp
C:\ProgramData\mtbjfghn.xbe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Jan Zwinger (14-05-2017 11:26:42) Run:1
Running from C:\Users\Jan Zwinger\Desktop
Loaded Profiles: Jan Zwinger & DefaultAppPool (Available Profiles: Jan Zwinger & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4146426845-2697671883-2344395422-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Edge Extension: (No Name) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => path not found
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => path not found
CHR HomePage: Default -> hxxp://%66%65%65%64.%68%65%6C%70%65%72% ... FjYGXVjwA,,
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/","hxxp://www.mystartsea ... tsurf.com/?
U1 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\aswDE55.tmp
C:\WINDOWS\system32\Drivers\aswDCE6.tmp
C:\WINDOWS\system32\Drivers\aswDE05.tmp
C:\WINDOWS\system32\Drivers\aswDE15.tmp
C:\WINDOWS\system32\Drivers\aswDDA5.tmp
C:\WINDOWS\system32\Drivers\aswDD26.tmp
C:\WINDOWS\system32\Drivers\aswDDB6.tmp
C:\WINDOWS\system32\Drivers\aswDD66.tmp
C:\WINDOWS\system32\Drivers\aswDCF6.tmp
C:\WINDOWS\system32\Drivers\aswDC47.tmp
C:\WINDOWS\system32\Drivers\aswDBF7.tmp
C:\WINDOWS\system32\Drivers\aswDC17.tmp
C:\WINDOWS\system32\Drivers\aswDC58.tmp
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\mntemp
C:\ProgramData\mtbjfghn.xbe

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-4146426845-2697671883-2344395422-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\PROTOCOLS\Handler\dssrequest => key not found.
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
HKCR\PROTOCOLS\Handler\sacore => key not found.
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => key removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => key removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => key removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\Drivers\aswDE55.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDCE6.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDE05.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDE15.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDDA5.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDD26.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDDB6.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDD66.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDCF6.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDC47.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDBF7.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDC17.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswDC58.tmp => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\mntemp => moved successfully
C:\ProgramData\mtbjfghn.xbe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7572788 B
Java, Flash, Steam htmlcache => 206 B
Windows/system/drivers => 252 B
Edge => 5301311 B
Chrome => 1460144 B
Firefox => 19305262 B
Opera => 85547261 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 818 B
NetworkService => 0 B
Jan Zwinger => 21723966 B
DefaultAppPool => 0 B

RecycleBin => 23664165 B
EmptyTemp: => 157 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:27:51 ====

Smazáno. Změnilo se něco?

Zatím nepozoruji, dám vědět.
Děkuji.

Zatím není zač!

Je to lepší díky.

Příkazem msconfig spusťte z přík. řádku konfigurační okno a na záložkách "Po spuštění" a " Služby" odstraňte zatržítka u všech ne- microsoftích položek s vyjímkou ovladačů a antiviru. Nastavení uložte a restratujte. Nabíhání systému by se mělo o něco ještě zrychlit.