VIRY.CZ

Prosím o preventivní kontrolu, logy FRST.txt (byl příliš dlouhý pro zprávu) i Addition.txt jsou v příloze

Děkuji
Richard Jedlička

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 21 22:01:55 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\DriverToolkit
Deleted: C:\Users\jedli\AppData\Local\DriverToolkit


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-2890812157-160744085-872001271-1001\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted: [Key] - HKU\S-1-5-21-2890812157-160744085-872001271-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Boost
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Boost


***** [ Firefox (and derivatives) ] *****

Plugin deleted: __MSG_extName__ -


***** [ Chromium (and derivatives) ] *****

Plugin deleted: Avira SafeSearch Plus -
SearchProvider deleted: podcrawler.com - podcrawler.com
SearchProvider deleted: azlyrics.com - azlyrics.com
SearchProvider deleted: ekovesnice.cz - ekovesnice.cz
SearchProvider deleted: Slunečnice - slunecnice.cz
SearchProvider deleted: podcrawler.com - podcrawler.com


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2063 B] - [2017/11/21 22:0:35]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Dejte nový log FRST.

Logy jsou zase v příloze

Otevřte poznámkový blok a zkopírujte do něj:

Start
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2890812157-160744085-872001271-1001 -> DefaultScope {B8837D52-43FF-43E6-BB57-93201591CA40} URL =
SearchScopes: HKU\S-1-5-21-2890812157-160744085-872001271-1001 -> {B8837D52-43FF-43E6-BB57-93201591CA40} URL =
CHR HomePage: Default -> hxxp://whealthico.local/
CHR StartupUrls: Default -> "chrome://newtab/","hxxp://www.default-search.net?sid=498&aid=121& ... 83&src=hmp"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {5D38D2B5-00A2-4310-B28A-4429CBAC26A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B4E0278B-FD28-4F48-9AAF-730D8E529276} - System32\Tasks\{A7F67265-B1D2-44F6-8CE2-39CEE242129F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Simpli Software\HD Tach\hdtach.exe" -d "C:\Program Files (x86)\Simpli Software\HD Tach"

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-11-2017
Ran by jedli (22-11-2017 21:34:24) Run:1
Running from C:\Users\jedli\Desktop
Loaded Profiles: jedli (Available Profiles: jedli)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2890812157-160744085-872001271-1001 -> DefaultScope {B8837D52-43FF-43E6-BB57-93201591CA40} URL =
SearchScopes: HKU\S-1-5-21-2890812157-160744085-872001271-1001 -> {B8837D52-43FF-43E6-BB57-93201591CA40} URL =
CHR HomePage: Default -> hxxp://whealthico.local/
CHR StartupUrls: Default -> "chrome://newtab/","hxxp://www.default-search.net?sid=498&aid=121& ... 83&src=hmp"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {5D38D2B5-00A2-4310-B28A-4429CBAC26A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B4E0278B-FD28-4F48-9AAF-730D8E529276} - System32\Tasks\{A7F67265-B1D2-44F6-8CE2-39CEE242129F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Simpli Software\HD Tach\hdtach.exe" -d "C:\Program Files (x86)\Simpli Software\HD Tach"

EmptyTemp:
End
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2890812157-160744085-872001271-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2890812157-160744085-872001271-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B8837D52-43FF-43E6-BB57-93201591CA40} => key removed successfully
HKLM\Software\Classes\CLSID\{B8837D52-43FF-43E6-BB57-93201591CA40} => key not found.
Chrome HomePage => not found.
Chrome StartupUrls => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP => key removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => key removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D38D2B5-00A2-4310-B28A-4429CBAC26A6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D38D2B5-00A2-4310-B28A-4429CBAC26A6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4E0278B-FD28-4F48-9AAF-730D8E529276} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4E0278B-FD28-4F48-9AAF-730D8E529276} => key removed successfully
C:\WINDOWS\System32\Tasks\{A7F67265-B1D2-44F6-8CE2-39CEE242129F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7F67265-B1D2-44F6-8CE2-39CEE242129F} => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 48878143 B
Java, Flash, Steam htmlcache => 349931833 B
Windows/system/drivers => 6831348 B
Edge => 976473 B
Chrome => 852408040 B
Firefox => 815908614 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 132986 B
NetworkService => 8582 B
jedli => 624099918 B

RecycleBin => 393208090 B
EmptyTemp: => 2.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:35:22 ====

Smazáno. Log je již OK.

Díky moc.

Rádo se stalo!