
Requesting a check

Posted: 26 Sep 2018 07:30
by mirzur
Hello, since last week, when Avast did not catch everything it should have, my notebook has been running somewhat worse, both the browser and the system overall. I am attaching the logs, thank you.

Re: Requesting a check

Posted: 26 Sep 2018 09:26
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Requesting a check

Posted: 26 Sep 2018 10:13
by mirzur
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-26-2018
# Duration: 00:00:04
# OS: Windows 8.1
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2507 octets] - [23/05/2018 18:04:17]
AdwCleaner[C00].txt - [2320 octets] - [23/05/2018 18:04:47]
AdwCleaner[S01].txt - [1432 octets] - [26/09/2018 11:06:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Requesting a check

Posted: 26 Sep 2018 11:42
by Rudy
Post a new FRST log.

Re: Requesting a check

Posted: 26 Sep 2018 12:01
by mirzur
I am attaching it, and I think everything is OK now.

Re: Requesting a check

Posted: 26 Sep 2018 13:00
by Rudy
We will do some more cleanup. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\zurek_000\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3080191038-1326817752-3620413983-1001 -> {47404728-C166-48BA-B479-7AE41A989FCB} URL =
C:\Users\zurek_000\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {DC9A74FE-DEB5-4C3C-B67E-70529519A240} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {DDE836C6-60E7-45E8-A390-49E788134AB6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {E2DA4F07-D28C-46BB-80A2-C354EC1A9565} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION

EmptyTemp:
Hosts:
End
Save it to C:\Users\zurek_000\Desktop\Viry as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Requesting a check

Posted: 26 Sep 2018 15:16
by mirzur
After the restart, CCleaner tried to start with a prompt asking whether to change the settings or something like that; I ignored it, and the log is here:



Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by zurek_000 (26-09-2018 16:07:43) Run:2
Running from C:\Users\zurek_000\Desktop\Viry
Loaded Profiles: zurek_000 (Available Profiles: zurek_000)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\zurek_000\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3080191038-1326817752-3620413983-1001 -> {47404728-C166-48BA-B479-7AE41A989FCB} URL =
C:\Users\zurek_000\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {DC9A74FE-DEB5-4C3C-B67E-70529519A240} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {DDE836C6-60E7-45E8-A390-49E788134AB6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {E2DA4F07-D28C-46BB-80A2-C354EC1A9565} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION

EmptyTemp:
Hosts:
End

*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"C:\Users\zurek_000\AppData\Local\Facebook\Games\FacebookGameroom.exe" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-3080191038-1326817752-3620413983-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47404728-C166-48BA-B479-7AE41A989FCB}" => removed successfully
HKLM\Software\Classes\CLSID\{47404728-C166-48BA-B479-7AE41A989FCB} => not found

"C:\Users\zurek_000\AppData\Local\Temp" folder move:

Could not move "C:\Users\zurek_000\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC9A74FE-DEB5-4C3C-B67E-70529519A240}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC9A74FE-DEB5-4C3C-B67E-70529519A240}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DDE836C6-60E7-45E8-A390-49E788134AB6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDE836C6-60E7-45E8-A390-49E788134AB6}" => removed successfully
C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2DA4F07-D28C-46BB-80A2-C354EC1A9565}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2DA4F07-D28C-46BB-80A2-C354EC1A9565}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28480004 B
Java, Flash, Steam htmlcache => 115546903 B
Windows/system/drivers => 2702480 B
Edge => 0 B
Chrome => 131568285 B
Firefox => 854796316 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 22088 B
NetworkService => 0 B
zurek_000 => 47305432 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-09-2018 16:13:23)

C:\Users\zurek_000\AppData\Local\Temp => moved successfully

==== End of Fixlog 16:13:36 ====

Re: Requesting a check

Posted: 26 Sep 2018 16:00
by Rudy
mirzur wrote: After the restart, CCleaner tried to start with a prompt...
You did the right thing. Otherwise, it has been deleted; the log is now OK.

Re: Requesting a check

Posted: 26 Sep 2018 17:22
by mirzur
Thank you very much, I have sent something in support of the forum. By the way, CCleaner tried to start again just now at startup, but the main thing is that everything works as it should.

Re: Requesting a check

Posted: 26 Sep 2018 17:53
by Rudy
You probably have it set to automatic. Sometimes too much automation does harm; I use it too, but I only run it manually now and then for cleanup. Play around with the settings. Thank you for the contribution, and you are welcome! :)