
Request for a preventive log check

Posted: 12 Mar 2016 16:06
by Mine.
The PC freezes occasionally.

Re: Request for a preventive log check

Posted: 13 Mar 2016 17:55
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Request for a preventive log check

Posted: 15 Mar 2016 04:27
by Mine.
Rudy wrote: Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
# AdwCleaner v5.102 - Logfile created 15/03/2016 at 03:44:06
# Updated 13/03/2016 by Xplode
# Database : 2016-03-14.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Admin - ZALMANR1
# Running from : C:\Users\Admin\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[#] Folder Deleted : C:\ProgramData\mntemp

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
[-] Key Deleted : HKCU\Software\AVG Web TuneUp

***** [ Web browsers ] *****

[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bmkckgpgekmanipelfidlhmkfcjicion

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1011 bytes] - [15/03/2016 03:44:06]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1176 bytes] - [14/03/2016 16:14:51]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [1270 bytes] - [15/03/2016 02:58:28]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1290 bytes] ##########

Re: Request for a preventive log check

Posted: 15 Mar 2016 18:40
by Rudy
Post a new FRST log.

Re: Request for a preventive log check

Posted: 16 Mar 2016 18:01
by Mine.
Rudy wrote: Post a new FRST log.

Re: Request for a preventive log check

Posted: 16 Mar 2016 18:49
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: cardisabled - No CLSID Value
S0 icquni; no ImagePath
S0 ssuhop; no ImagePath
3 aswArKrn; \??\C:\Users\Admin\AppData\Local\Temp\aswArKrn.sys [X]
S3 efavdrv; \??\C:\WINDOWS\system32\drivers\efavdrv.sys [X]
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Admin\AppData\Local
Task: {060020EF-B665-4795-9FF3-7115BCCA5BFA} - \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} -> No File <==== ATTENTION
Task: {22904216-C1D0-45D0-881E-26E480E29E42} - \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} -> No File <==== ATTENTION
Task: {5B03405B-ADCD-48C6-8F69-E693E10A0D2F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F3DDBD1-B785-47A5-B9BE-577CB73E3E59} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89E8D41F-9A78-4F7D-9220-9D8609A151E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C681F58B-B5CE-4EAD-8AD5-09CD82DDD995} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FE997E90-DF24-4029-BC98-F09B7367650C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Admin\Downloads\10255839_1383135778640599_8173910330187023673_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10409035_375870925952276_2832422946215172114_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10958700_769017893174703_200329094_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10962006_771676516242174_309528695_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10962055_1705094809716871_851055478_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10968185_1705093516383667_2077305528_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10979464_771670466242779_1996548684_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11002723_771666086243217_2043816741_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11006037_771664336243392_53824045_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11018100_359959650865137_2096148368536846332_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11040335_784713314938494_923767445_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11041506_793197587440177_1686713377_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11046207_677024265739750_3831215964110502337_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11061716_882036105188002_6921144233422175289_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11106434_806343692792233_595465251_n.jpg.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11188297_362211973973238_4247317530694173432_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11209704_708736622568514_7823738208921563768_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11257045_882638495133127_136655729_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11295926_811962445554476_2003495727114681540_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11304224_1064037353623599_1014440761_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\11304224_1064037353623599_1014440761_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11659436_381797738681328_218095081028849347_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11692968_1138470686168562_690084838_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\1175489_610002932356319_166082306_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\198504_208169089210869_356584_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\226523_220302707997507_1267072_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\522040_801688833207533_5576881731799159039_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\549366_1037512909593754_5801239504446833426_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0232.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0232.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0238.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0238.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0239.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0239.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\P1190002.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\P1190014.JPG:$CmdZnID [26]

ResetHosts:
End
Save it to C:\Users\Admin\Desktop\Scan as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Request for a preventive log check

Posted: 16 Mar 2016 20:31
by Mine.
That doesn't look good. Is this just some adware and "clutter," or was there an active infection present as well? Thank you very much for your answer; I'm attaching the log.

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Admin (2016-03-16 20:28:27) Run:1
Running from C:\Users\Admin\Desktop\Scan
Loaded Profiles: Admin (Available Profiles: Admin & Baruška & MSSQL$ADK)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: cardisabled - No CLSID Value
S0 icquni; no ImagePath
S0 ssuhop; no ImagePath
3 aswArKrn; \??\C:\Users\Admin\AppData\Local\Temp\aswArKrn.sys [X]
S3 efavdrv; \??\C:\WINDOWS\system32\drivers\efavdrv.sys [X]
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Admin\AppData\Local
Task: {060020EF-B665-4795-9FF3-7115BCCA5BFA} - \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} -> No File <==== ATTENTION
Task: {22904216-C1D0-45D0-881E-26E480E29E42} - \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} -> No File <==== ATTENTION
Task: {5B03405B-ADCD-48C6-8F69-E693E10A0D2F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F3DDBD1-B785-47A5-B9BE-577CB73E3E59} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89E8D41F-9A78-4F7D-9220-9D8609A151E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C681F58B-B5CE-4EAD-8AD5-09CD82DDD995} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FE997E90-DF24-4029-BC98-F09B7367650C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Admin\Downloads\10255839_1383135778640599_8173910330187023673_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10409035_375870925952276_2832422946215172114_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10958700_769017893174703_200329094_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10962006_771676516242174_309528695_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10962055_1705094809716871_851055478_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10968185_1705093516383667_2077305528_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\10979464_771670466242779_1996548684_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11002723_771666086243217_2043816741_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11006037_771664336243392_53824045_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11018100_359959650865137_2096148368536846332_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11040335_784713314938494_923767445_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11041506_793197587440177_1686713377_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11046207_677024265739750_3831215964110502337_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11061716_882036105188002_6921144233422175289_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11106434_806343692792233_595465251_n.jpg.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11188297_362211973973238_4247317530694173432_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11209704_708736622568514_7823738208921563768_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11257045_882638495133127_136655729_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11295926_811962445554476_2003495727114681540_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11304224_1064037353623599_1014440761_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\11304224_1064037353623599_1014440761_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11659436_381797738681328_218095081028849347_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\11692968_1138470686168562_690084838_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\1175489_610002932356319_166082306_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\198504_208169089210869_356584_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\226523_220302707997507_1267072_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\522040_801688833207533_5576881731799159039_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\549366_1037512909593754_5801239504446833426_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0232.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0232.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0238.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0238.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0239.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Downloads\DSC_0239.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\P1190002.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Downloads\P1190014.JPG:$CmdZnID [26]

ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKCR\PROTOCOLS\Handler\cardisabled" => key removed successfully
icquni => service removed successfully
ssuhop => service removed successfully
3 aswArKrn; \??\C:\Users\Admin\AppData\Local\Temp\aswArKrn.sys [X] => Error: No automatic fix found for this entry.
efavdrv => service removed successfully
MFE_RR => service removed successfully
Partizan => service removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Admin\AppData\Local" => Warning: FRST is scripted not to move this directory.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{060020EF-B665-4795-9FF3-7115BCCA5BFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{060020EF-B665-4795-9FF3-7115BCCA5BFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22904216-C1D0-45D0-881E-26E480E29E42}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22904216-C1D0-45D0-881E-26E480E29E42}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B03405B-ADCD-48C6-8F69-E693E10A0D2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B03405B-ADCD-48C6-8F69-E693E10A0D2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F3DDBD1-B785-47A5-B9BE-577CB73E3E59}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F3DDBD1-B785-47A5-B9BE-577CB73E3E59}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89E8D41F-9A78-4F7D-9220-9D8609A151E0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89E8D41F-9A78-4F7D-9220-9D8609A151E0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C681F58B-B5CE-4EAD-8AD5-09CD82DDD995}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C681F58B-B5CE-4EAD-8AD5-09CD82DDD995}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE997E90-DF24-4029-BC98-F09B7367650C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE997E90-DF24-4029-BC98-F09B7367650C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
C:\Users\Admin\Downloads\10255839_1383135778640599_8173910330187023673_o.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\10409035_375870925952276_2832422946215172114_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\10958700_769017893174703_200329094_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\10962006_771676516242174_309528695_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\10962055_1705094809716871_851055478_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\10968185_1705093516383667_2077305528_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\10979464_771670466242779_1996548684_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11002723_771666086243217_2043816741_o.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11006037_771664336243392_53824045_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11018100_359959650865137_2096148368536846332_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11040335_784713314938494_923767445_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11041506_793197587440177_1686713377_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11046207_677024265739750_3831215964110502337_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11061716_882036105188002_6921144233422175289_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11106434_806343692792233_595465251_n.jpg.png => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11188297_362211973973238_4247317530694173432_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11209704_708736622568514_7823738208921563768_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11257045_882638495133127_136655729_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11295926_811962445554476_2003495727114681540_n.jpg => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Downloads\11304224_1064037353623599_1014440761_n.jpg" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Downloads\11304224_1064037353623599_1014440761_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11659436_381797738681328_218095081028849347_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\11692968_1138470686168562_690084838_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\1175489_610002932356319_166082306_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\198504_208169089210869_356584_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\226523_220302707997507_1267072_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\522040_801688833207533_5576881731799159039_n.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\549366_1037512909593754_5801239504446833426_n.jpg => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Downloads\DSC_0232.JPG" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Downloads\DSC_0232.JPG => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Downloads\DSC_0238.JPG" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Downloads\DSC_0238.JPG => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Downloads\DSC_0239.JPG" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Downloads\DSC_0239.JPG => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\P1190002.JPG => ":$CmdZnID" ADS removed successfully.
C:\Users\Admin\Downloads\P1190014.JPG => ":$CmdZnID" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.

==== End of Fixlog 20:28:29 ====
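
One way to triage an FRST Fixlog like the one in this post, so that entries which were not fixed stand out from the long run of successful removals (an added example, not part of the original thread and not FRST's own code). The outcome labels and the `triage` / `needs_follow_up` helpers are hypothetical, the result phrases are the ones visible in this log, and the sample lines are copied from it with the echoed fixlist shortened.

```python
import re
from collections import defaultdict

# Constructed sample: result lines copied from the Fixlog in this thread,
# after a shortened copy of the echoed fixlist (which also contains "=>").
SAMPLE_FIXLOG = r'''
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
icquni => service removed successfully
3 aswArKrn; \??\C:\Users\Admin\AppData\Local\Temp\aswArKrn.sys [X] => Error: No automatic fix found for this entry.
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Admin\AppData\Local" => Warning: FRST is scripted not to move this directory.
"C:\Users\Admin\Downloads\DSC_0232.JPG" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Downloads\DSC_0232.JPG => ":$CmdZnID" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.

==== End of Fixlog 20:28:29 ====
'''

# Hypothetical outcome labels, matched against the text right of "=>".
# Order matters: the first matching rule wins.
RULES = [
    ("unfixed", re.compile(r"^Error:")),
    ("refused", re.compile(r"^Warning:")),
    ("absent", re.compile(r"not found\.?$")),
    ("fixed", re.compile(r"(removed|moved|restored) successfully\.?$")),
]


def result_lines(fixlog):
    """Yield result lines only: after the echoed fixlist, before the footer."""
    star_rules = 0
    for line in fixlog.splitlines():
        line = line.strip()
        if re.fullmatch(r"\*{5,}", line):
            star_rules += 1  # the echoed fixlist sits between two star rules
            continue
        if line.startswith("==== End of Fixlog"):
            return
        if star_rules >= 2 and line:
            yield line


def classify(result):
    for outcome, pattern in RULES:
        if pattern.search(result):
            return outcome
    return "unparsed"


def triage(fixlog):
    """Map each outcome label to the list of fixlist targets that got it."""
    buckets = defaultdict(list)
    for line in result_lines(fixlog):
        target, sep, result = line.partition(" => ")
        outcome = classify(result.strip()) if sep else "unparsed"
        buckets[outcome].append(target.strip().strip('"'))
    return buckets


def needs_follow_up(buckets):
    """Entries the fix did not act on, as (outcome, target) pairs."""
    return [(o, t) for o in ("unfixed", "refused", "unparsed")
            for t in buckets.get(o, [])]


if __name__ == "__main__":
    found = triage(SAMPLE_FIXLOG)
    print({outcome: len(targets) for outcome, targets in found.items()})
    for outcome, target in needs_follow_up(found):
        print(f"{outcome}: {target}")
```

Skipping everything up to the second row of asterisks matters because the echoed fixlist contains its own `=>` lines (such as `=> No File`), which would otherwise be counted as results.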

Re: Request for a preventive log check

Posted: 16 Mar 2016 20:38
by Rudy
Deleted. Has the PC stopped freezing?

Re: Request for a preventive log check

Posted: 16 Mar 2016 20:49
by Mine.
Rudy wrote: Deleted. Has the PC stopped freezing?
I'll probably need a few days to tell, since it only runs unevenly some of the time :/ Would it be all right if I got back to you in 2 - 4 days? I'd also like to ask you to answer the question from my previous post, if possible. Thank you very much! (Or did I misunderstand, and by "deleted" you meant that there was an infection and it has been deleted?)

Re: Request for a preventive log check

Posted: 16 Mar 2016 21:57
by Rudy
AdwCleaner shot down the adware, and FRST mostly removed junk. No virus in the true sense of the word.

Re: Request for a preventive log check

Posted: 17 Mar 2016 10:41
by Mine.
Rudy wrote: AdwCleaner shot down the adware, and FRST mostly removed junk. No virus in the true sense of the word.
So, is it done?

Re: Request for a preventive log check

Posted: 17 Mar 2016 16:45
by Mine.
I assume that's probably everything. I'd have one more question for you, then - can I use internet banking without worry?

After your reply we can lock the thread :|

PS: The PC really is snappier, so yes, it helped.

Re: Request for a preventive log check

Posted: 17 Mar 2016 18:09
by Rudy
For that I would, just to be safe, also run a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log; don't delete anything beforehand.

Re: Request for a preventive log check

Posted: 18 Mar 2016 15:18
by Mine.
Rudy wrote: For that I would, just to be safe, also run a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log; don't delete anything beforehand.
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17. 3. 2016
Čas skenování: 16:50
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.17.03
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Admin

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1138429
Uplynulý čas: 19 hod, 45 min, 53 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Varovat

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
FraudTool.YAC, C:\Users\Admin\Downloads\yet_another_cleaner_cnet.exe.part, , [8a4da9df287172c403d16ec9867b9b65],
Rogue.PCClearPlus, C:\Users\Admin\Downloads\TC-SpyInstaller.exe, , [d9fe6226cbce8caad1a58261db2944bc],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Request for a preventive log check

Posted: 18 Mar 2016 18:59
by Rudy
Delete the items that were found. After deleting them you no longer need to have any worries.