VIRY.CZ

Dochází jakoby k občasnému samovolnému vypínání COMODO firewallu (hláška z Centra akcí), i když ten se tváří jako zapnutý.

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-05-2019
# Duration: 00:00:00
# OS: Windows 7 Professional
# Cleaned: 1
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Not Deleted Preinstalled.LenovoSolutionCenter


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [22/08/2018 20:34:52]
AdwCleaner[S01].txt - [1310 octets] - [22/08/2018 20:36:07]
AdwCleaner[S02].txt - [1458 octets] - [05/08/2019 15:02:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Poprosim o nove logy FRST + ADDITIONAL

logy zde:

Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by Uzivatel (09-08-2019 11:47:38) Run:1
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
VirusTotal: C:\Users\Uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe
VirusTotal: C:\ProgramData\dbdacm.dll

Task: {6107A82C-ABE2-4EA5-B185-930A62C6D5B2} - System32\Tasks\{713AF29A-AB37-484E-AC7E-70480F08914B} => C:\Windows\system32\pcalua.exe -a C:\instalace\vcredist_x86.exe -d C:\instalace
Task: {DAB04292-A6A4-44A5-B00C-23D7C262C05D} - System32\Tasks\{125C4643-F06D-4C51-A7AB-1F4B63156687} => C:\Windows\system32\pcalua.exe -a C:\Users\Uzivatel\Desktop\all_vc_redist_x86_x64\vcredist_2010_sp1_x64.exe -d C:\Users\Uzivatel\Desktop\all_vc_redist_x86_x64
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2658690909-3528840007-3457165209-1002 -> {2CA8C2E8-3183-4E3E-AE5D-0A9870362814} URL =
U3 aswbdisk; no ImagePath
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

EmptyTemp:


*****************

VirusTotal: C:\Users\Uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe => https://www.virustotal.com/file/9f36117 ... 565032340/
VirusTotal: C:\ProgramData\dbdacm.dll => https://www.virustotal.com/file/9930437 ... 543622332/
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6107A82C-ABE2-4EA5-B185-930A62C6D5B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6107A82C-ABE2-4EA5-B185-930A62C6D5B2}" => removed successfully
C:\Windows\System32\Tasks\{713AF29A-AB37-484E-AC7E-70480F08914B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{713AF29A-AB37-484E-AC7E-70480F08914B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAB04292-A6A4-44A5-B00C-23D7C262C05D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAB04292-A6A4-44A5-B00C-23D7C262C05D}" => removed successfully
C:\Windows\System32\Tasks\{125C4643-F06D-4C51-A7AB-1F4B63156687} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{125C4643-F06D-4C51-A7AB-1F4B63156687}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2658690909-3528840007-3457165209-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2CA8C2E8-3183-4E3E-AE5D-0A9870362814} => removed successfully
HKLM\Software\Classes\CLSID\{2CA8C2E8-3183-4E3E-AE5D-0A9870362814} => not found
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMChameleon => removed successfully
MBAMChameleon => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27612858 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 180281136 B
Edge => 0 B
Chrome => 389912724 B
Firefox => 52292854 B
Opera => 321693259 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16674 B
systemprofile32 => 69488 B
LocalService => 16674 B
NetworkService => 0 B
Uzivatel => 192872084 B
Uzivatel => 0 B

RecycleBin => 138932315 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:48:31 ====

Ok, ako je na tom pocitac?

Tak stále stejné. Mohlo by to souviset s doinstalováváním Visual C++ knihoven? Centrum akcí zase nyní z ničeho nic oznámil, že je Firewall vypnutý, i když podle COMODA i podle task managera je zapnutý..

Skuste ho preinstalovat.

Myslíte Visual C++ knihovny, COMODO, anebo Windowsy?
Resp mělo by se jednat o nějaký probém s instalací, tedy PC vypadá čisté?

Ano pocitac vypada ok. skuste preinstalovt Comodo

Přeinstaloval jsem COMODO podle Vašeho doporučení, a nyní se již cca 1,5 dne daný problém s hláškou o vypnutém firewalu neobjevil. Tedy zatím to vypadá, že by tím mohl být problém vyřešen.

Tedy prozatím moc děkuji.

Ještě bych tomu ale raději pár dnů dal, ono se ta chyba totiž objevovala dost nepravidelně.

Tak bohužel, problém se objevuje dále

Skusal ste obnovit system cez body obnovi?