
Preventive check

Posted: 13 Mar 2019 12:02
by rollotomasi
Please check the attached log, in particular whether any spying program is running on the PC.
Thank you.

Re: Preventive check

Posted: 13 Mar 2019 12:12
by Diallix
Hello.

Download the AdwCleaner tool to your desktop, download link here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all the boxes checked, including any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click Show log file.
The log will open; copy its contents here.

Re: Preventive check

Posted: 18 Mar 2019 11:34
by rollotomasi
Hello,
sending the log from AdwCleaner...

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-18-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1312 octets] - [18/03/2019 10:54:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Preventive check

Posted: 18 Mar 2019 13:00
by Diallix
Please post new FRST and ADDITION logs

Re: Preventive check

Posted: 20 Mar 2019 13:19
by rollotomasi
Hello,
new logs attached.

Re: Preventive check

Posted: 20 Mar 2019 16:18
by Diallix
Copy the contents below into Notepad:

Code:

GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-20 12:32 - 2017-11-20 19:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
Task: {1DFBF197-0C20-4EFB-8061-414FB4631E9F} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
Task: {33EF9584-C4AC-47F6-9CF3-3A01AD2C06DF} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> No File <==== ATTENTION
Task: {7D9FC245-DA99-4231-8268-15C03ECA8976} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A0FACF04-F41D-4CD5-8B76-EBF43B946EC0} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> No File <==== ATTENTION
Task: {DA63D355-16D9-42BB-BE89-6D6C02A8162A} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> No File <==== ATTENTION
Task: {E79230EE-BBF1-4E77-9565-DC40D1BA88C8} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> No File <==== ATTENTION
Task: {ED9B4941-85DE-4DC8-8D37-79F9E806A3FB} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> No File <==== ATTENTION
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorB.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorS.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rccfg.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rcraid.sys:com.dropbox.attributes [168]
FirewallRules: [{BE7AFEBB-7ACD-481C-B3A9-46B857EDC14F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{AFC78702-FC21-44EF-AA16-023150FC66AE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{22FFD1A6-3307-47F6-81BB-7676ECED9770}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{1EF14A37-CDA4-4C7A-B975-54E5803D6405}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{C6DDB9F9-5C86-4058-97A0-8C761C34366D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe No File
FirewallRules: [{3310EF88-0CBD-4853-9B93-94D3B3F48497}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe No File
FirewallRules: [{76F7B299-53B8-478B-84F3-BFF2592673CC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{61D8BA50-7161-4B9A-8ED7-3D9C8A906E94}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{802FB463-8ECA-4F6F-9909-5993AE72A7AE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe No File
FirewallRules: [{DA7D818E-A12D-432A-B2C6-1192FD24EB5F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe No File
FirewallRules: [{26585051-F44F-43AF-9DE7-80E8D8141235}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe No File
FirewallRules: [{FA4DB3DE-411F-431D-8BD6-AE9C792F2483}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe No File
FirewallRules: [{3BBF87EA-D5CB-4C59-B32D-6A8AEE00CEA0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [{E46E3269-961F-4E7C-8712-C68047956B61}] => (Block) C:\program files\dell sonicwall\global vpn client\swgvc.exe No File
FirewallRules: [{266986B9-6CA1-4B61-AEBA-35E14F57FD33}] => (Block) C:\program files\dell sonicwall\global vpn client\swgvc.exe No File
FirewallRules: [TCP Query User{82FF4A96-8A45-413E-AF69-D0AA3A631F50}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [UDP Query User{1DD88038-4D7A-47FF-BAC6-95E5890A8C3A}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [TCP Query User{EA89D5D9-F634-4C0F-BF11-7C4CA453EBB7}C:\program files (x86)\java\jre1.8.0_161\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\launch4j-tmp\frd.exe No File
FirewallRules: [UDP Query User{1056B490-D477-4AEA-A4C4-ABA21CC6556A}C:\program files (x86)\java\jre1.8.0_161\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\launch4j-tmp\frd.exe No File
FirewallRules: [TCP Query User{D2C32872-878E-442F-865C-FFAFD9703781}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe No File
FirewallRules: [UDP Query User{87DCA87B-FD43-49FA-A34C-05AEA7269671}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe No File

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will be carried out, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt saved in the FRST location.
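As an added example (not part of this thread and not FRST's own code): a small Python triage helper that parses fixlist lines in the format quoted in the post above and summarizes, per entry kind, how many entries FRST flagged with its ATTENTION marker and how many are orphaned references ("No File"), so that a reviewer can see what a fix will touch before running it. The sample input is a constructed subset of the lines from the post.

```python
import re

# Constructed sample: a subset of the fixlist lines quoted in the post above.
SAMPLE_FIXLIST = r"""GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
2019-03-13 08:26 - 2019-03-13 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-20 12:32 - 2017-11-20 19:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
Task: {1DFBF197-0C20-4EFB-8061-414FB4631E9F} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorB.sys:com.dropbox.attributes [168]
FirewallRules: [{BE7AFEBB-7ACD-481C-B3A9-46B857EDC14F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File

EmptyTemp:
"""

# FRST file entry: "<created> - <modified> - <size> <attributes> <path>"
FILE_LINE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - (\d+) \S+ (.+)$")

def classify(line):
    """Return (kind, target, flags) for one fixlist line, or None for a blank line."""
    line = line.rstrip()
    if not line:
        return None
    flags = set()
    if line.endswith("<==== ATTENTION"):      # FRST's own "look at this" marker
        flags.add("attention")
        line = line[: -len("<==== ATTENTION")].rstrip()
    if line.endswith("No File"):              # reference whose target no longer exists
        flags.add("orphan")
    if m := FILE_LINE.match(line):
        return "file", m.group(2), flags | {"size=" + str(int(m.group(1)))}
    head, _, rest = line.partition(":")       # "EmptyTemp:" yields an empty rest
    if head.startswith(("ContextMenuHandlers", "ShellIconOverlayIdentifiers")):
        head = "ShellExtension"
    elif head.startswith("CHR "):             # Chrome policy key, e.g. CHR HKLM\...
        head = "ChromePolicy"
    return head, rest.strip(), flags

def summarize(fixlist_text):
    """Per kind: number of entries, how many FRST flagged ATTENTION, how many are orphaned."""
    summary = {}
    for raw in fixlist_text.splitlines():
        entry = classify(raw)
        if entry is None:
            continue
        kind, _, flags = entry
        row = summary.setdefault(kind, {"total": 0, "attention": 0, "orphan": 0})
        row["total"] += 1
        row["attention"] += "attention" in flags
        row["orphan"] += "orphan" in flags
    return summary
```

Calling `summarize(SAMPLE_FIXLIST)` shows, for instance, that the Task entry is both orphaned and flagged, while the two file entries are real paths on disk that the fix will delete.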