VIRY.CZ

Ahoj,
Poprosim Vas o preventivku. Mal som nejaky vir, ale Kaspersky ho asi zmazal.
Pri spusteni mi vyhadzuje toto a neviem odkial.



Ďakujem

Obrázok startu

Ahoj

Ten text na fotke je "C:\WINDOWS\mf.reg"?

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Spustit skenovani a pockaj na dokoncenie
• V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
• V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
• Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

Dakujem za pomoc

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-13-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1465 octets] - [13/01/2021 11:34:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Hlaska sa uz teda nezobrazuje? Poprosim o obidva nove logy z FRST na docistenie.

Hláška sa už nezobrazuje.
Ďakujem za pomoc.

V prílohe sú požadované logy.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Program Files (x86)\Clipdiary\clipdiary.exe
  Folder: C:\p
  CMD: type "C:\WINDOWS\mf.reg"
  CMD: echo %PATH:;=&echo.%
  
  Startup: C:\Users\sense\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2020-12-04]
  ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
  CHR HomePage: Default -> hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWuELOv6gcKLJwcuuncActgKl_m14aSb8bFdV1g4TKoUXJZipjl7Lg7YKkjmsBMrucakwcaB1n4AxXfjx2fR2e8inhEKm-BzhONp9eiKP7NyOPS5WTgF_F9wD_3KhFAsjmb4E05Gv3zmZMW8uBw9NyQ4D9l7C1bptJhqc84DJh
  2021-01-21 19:52 - 2021-01-21 19:52 - 000000000 ____D C:\Users\sense\Desktop\FRST-OlderVersion
  2021-01-15 08:55 - 2020-07-11 09:54 - 000008192 ___SH C:\DumpStack.log.tmp
  2021-01-08 23:31 - 2020-09-27 15:29 - 000000000 ____D C:\temp
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  HKU\S-1-5-21-2683855831-3151673362-2466717934-1001\...\StartupApproved\StartupFolder: => "kms.vbs"
  C:\WINDOWS\mf.reg
  
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede