VIRY.CZ

Dobrý den,
prosím o kontrolu PC. Hlavně neuvěřitelně rychle se mi pořád plní složka TEMP(C:\Users\Pracovní PC\AppData\Local\Temp)

(viz. příloha) Je možné vložit Log takto v zip. v příloze? Log má moc znaků nejde to tu vložit.

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 27 07:44:52 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: Lavasoft NewTab -


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [9319 B] - [2016/6/15 19:51:59]
C:/AdwCleaner/AdwCleaner[C2].txt - [3741 B] - [2016/12/20 9:28:54]
C:/AdwCleaner/AdwCleaner[S1].txt - [12316 B] - [2016/6/15 19:51:10]
C:/AdwCleaner/AdwCleaner[S2].txt - [4004 B] - [2016/12/20 9:26:33]
C:/AdwCleaner/AdwCleaner[S3].txt - [1447 B] - [2016/12/20 9:28:28]


########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########

Toto je OK. Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

Opět rar. Log moc znaků

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1756349094-3487176747-1097831369-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1756349094-3487176747-1097831369-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=lav01&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-1756349094-3487176747-1097831369-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=146580230 ... 5020009642
FF ProfilePath: C:\Users\PracovnĂ­ PC\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [not found] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-09-03]
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-04-14] () [File not signed]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\pconfig.dat
AlternateDataStreams: C:\Users\PracovnĂ­ PC\Desktop\ZAKAZKY 2015.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\PracovnĂ­ PC\Desktop\ZAKAZKY 2017.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pracovní PC\Desktop\zpf_odv_Sláčal.ods:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\PracovnĂ­ PC\Desktop\zpf_odv_test.ods:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\PracovnĂ­ PC\Desktop\zpf_odv_Ĺ imek.ods:com.dropbox.attributes [168]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by Pracovní PC (30-10-2017 18:09:53) Run:1
Running from C:\Users\Pracovní PC\Desktop
Loaded Profiles: Pracovní PC (Available Profiles: Pracovní PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1756349094-3487176747-1097831369-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1756349094-3487176747-1097831369-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/resu ... &ent=ch&q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-1756349094-3487176747-1097831369-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=14 ... 5020009642
FF ProfilePath: C:\Users\Pracovní PC\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [not found] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-09-03]
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-04-14] () [File not signed]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\pconfig.dat
AlternateDataStreams: C:\Users\Pracovní PC\Desktop\ZAKAZKY 2015.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pracovní PC\Desktop\ZAKAZKY 2017.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pracovní PC\Desktop\zpf_odv_Sláčal.ods:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pracovní PC\Desktop\zpf_odv_test.ods:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pracovní PC\Desktop\zpf_odv_� imek.ods:com.dropbox.attributes [168]

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-1756349094-3487176747-1097831369-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key removed successfully
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-1756349094-3487176747-1097831369-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key removed successfully
HKLM\Software\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key not found.
HKU\S-1-5-21-1756349094-3487176747-1097831369-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
C:\Users\Pracovní PC\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 => path removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole => key removed successfully
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx => moved successfully
KMS-R@1n => Unable to stop service.
HKLM\System\CurrentControlSet\Services\KMS-R@1n => key removed successfully
KMS-R@1n => service removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\pconfig.dat => moved successfully
C:\Users\Pracovní PC\Desktop\ZAKAZKY 2015.lnk => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Pracovní PC\Desktop\ZAKAZKY 2017.lnk => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Pracovní PC\Desktop\zpf_odv_Sláčal.ods => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Pracovní PC\Desktop\zpf_odv_test.ods => ":com.dropbox.attributes" ADS removed successfully.
"C:\Users\Pracovní PC\Desktop\zpf_odv_� imek.ods" => ":com.dropbox.attributes" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10790170 B
Java, Flash, Steam htmlcache => 728 B
Windows/system/drivers => 609374 B
Edge => 444489 B
Chrome => 722000857 B
Firefox => 399190628 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
Pracovní PC => 26082141038 B

RecycleBin => 119614516 B
EmptyTemp: => 25.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:10:35 ====

Smazáno, log by již měl být OK. Z dočasných složek bylo odstraněno více než 25GB zbytečností.

Děkuji za pomoc.
A ještě dotaz čím to je že ta složka TEMP(C:\Users\Pracovní PC\AppData\Local\Temp) se mi někdy zaplní tak rychle nebo celkově ta složka Local ?

Toť otázka. Do dočasných adresářů se ukládají instalační, pomocné instalační soubory a dočasné soubory internetu. Systém se jich sám nezbaví, je třeba občas vyčistit. Systém má pro to nástroj "Vyčištění disku".