VIRY.CZ

Dobrý den,

v poslední době jsem ztratil k pár službám přístup. Mám podezření, že v PC se mi nachází havěť.
Rád bych, poprosil o prověření logů, abych poté mohl řešit obnovu přistup k oněm službám.

Děkuji.

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Dobrý den,

zde zasílám soubory

Dejte nové logy FRST+Addition.

Zde

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Program Files (x86)\Microsoft\BingBar
HKLM-x32\...\Run: [] => [X]
Task: {294C7923-CBF6-4AF6-BD90-B98B8DF15022} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-12-03] (Google Inc -> Google Inc.)
Task: {57EAEF81-C5CC-4BA5-A530-BA6D81165D3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-12-03] (Google Inc -> Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\SysWOW64\dns-sd.exe
FirewallRules: [{A56777F1-86B8-4707-A6CC-CBB63D9B8F5C}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D13E8846-26E8-4513-899C-8162D237AD1F}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9BBF9755-AA26-4166-8D58-86F0D36201A6}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe No File
FirewallRules: [{708533CD-F441-475B-BF00-AC4E12D21196}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe No File
FirewallRules: [TCP Query User{E660FBC6-F7B1-4C6A-8A75-00D16D22346B}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{3D711075-8D32-4A0B-9539-EA5CAE5DACE4}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe No File

EmptyTemp:
End

Uložte do C:\Users\učet\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by učet (14-07-2019 20:57:13) Run:1
Running from C:\Users\učet\Downloads
Loaded Profiles: učet (Available Profiles: Uzivatel & učet)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Program Files (x86)\Microsoft\BingBar
HKLM-x32\...\Run: [] => [X]
Task: {294C7923-CBF6-4AF6-BD90-B98B8DF15022} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-12-03] (Google Inc -> Google Inc.)
Task: {57EAEF81-C5CC-4BA5-A530-BA6D81165D3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-12-03] (Google Inc -> Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\SysWOW64\dns-sd.exe
FirewallRules: [{A56777F1-86B8-4707-A6CC-CBB63D9B8F5C}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D13E8846-26E8-4513-899C-8162D237AD1F}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9BBF9755-AA26-4166-8D58-86F0D36201A6}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe No File
FirewallRules: [{708533CD-F441-475B-BF00-AC4E12D21196}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe No File
FirewallRules: [TCP Query User{E660FBC6-F7B1-4C6A-8A75-00D16D22346B}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{3D711075-8D32-4A0B-9539-EA5CAE5DACE4}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files (x86)\Microsoft\BingBar => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{294C7923-CBF6-4AF6-BD90-B98B8DF15022}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{294C7923-CBF6-4AF6-BD90-B98B8DF15022}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57EAEF81-C5CC-4BA5-A530-BA6D81165D3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57EAEF81-C5CC-4BA5-A530-BA6D81165D3A}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\SysWOW64\dns-sd.exe => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A56777F1-86B8-4707-A6CC-CBB63D9B8F5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D13E8846-26E8-4513-899C-8162D237AD1F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BBF9755-AA26-4166-8D58-86F0D36201A6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{708533CD-F441-475B-BF00-AC4E12D21196}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E660FBC6-F7B1-4C6A-8A75-00D16D22346B}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3D711075-8D32-4A0B-9539-EA5CAE5DACE4}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 90975408 B
Java, Flash, Steam htmlcache => 82696836 B
Windows/system/drivers => 354026498 B
Edge => 0 B
Chrome => 570278434 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 572026 B
Uzivatel => 3663026283 B
učet => 540002309 B

RecycleBin => 2477735 B
EmptyTemp: => 4.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:58:55 ====

Smazáno. Log by již měl být OK.

Mockrat diky.

Hezky vecer preji

Hezký den i vám a nemáte zač!