VIRY.CZ

Dobrý den,

Prosím o kontrolu logu vytvořeného programem RSIT. Na počírači mám nainstalován Windows 10 Home 64 bit. 20H2 (build 19042.746).
V nápovědě Vašeho fóru jsem si přečetl, že v případě Windows 10 mám použít program FRST, ale ten nejde spustit, tak posílám alespoň
logovací soubor programu RSIT.

S pozdravem Karel Mačl.

log.rar: (40.16 KiB) Staženo 94 x

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

Tak jsem spustil AdwCleaner a místo Clean and Repair se objevilo tlačítko Karanténa a
po jeho stisknutí se OS nechtěl restartovat.Tady je ten log :

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-31-2021
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DriverFix
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverFix
Deleted C:\Users\kmacl\AppData\Local\Seznam.cz
Deleted C:\Users\kmacl\AppData\Roaming\DriverFix

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\DriverFix.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\DriverFix
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|DriverFix
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverFix_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2005 octets] - [02/01/2021 21:32:09]
AdwCleaner[C00].txt - [2045 octets] - [02/01/2021 21:39:28]
AdwCleaner[S01].txt - [1528 octets] - [02/01/2021 21:50:03]
AdwCleaner[S02].txt - [1589 octets] - [06/01/2021 16:00:43]
AdwCleaner[S03].txt - [1693 octets] - [11/01/2021 23:43:24]
AdwCleaner[C03].txt - [1863 octets] - [11/01/2021 23:45:55]
AdwCleaner[S04].txt - [1834 octets] - [25/01/2021 11:07:22]
AdwCleaner[C04].txt - [1984 octets] - [25/01/2021 11:09:09]
AdwCleaner[S05].txt - [2434 octets] - [31/01/2021 19:04:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

Bohužel program FRST se spustí, ale nic nedělá (nebo nejde spustit), i když ho spustím jako Admin
a uzavřu všechny aplikace a spustím ho z plochy. Takže prosím o radu, jak ho zprovoznit.

Skuste program premenovat na koncovku .com a nasledne spustit.

Pripadne ho vyskusajte spustit v nudzovom rezime.

skuste vypnut antivirus

Tak se mi podařilo spustit FRST. Přikládám logy :

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše


HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {01F7CCCB-9DDE-463B-AEE4-5F8F017C3021} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-16] (Google LLC -> Google LLC)
Task: {C9989797-6A4F-4506-9A31-D90E3AAD02B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-16] (Google LLC -> Google LLC)
Task: {E43BBB49-588C-4B3C-8078-FBAC1BDEF7AE} - System32\Tasks\Opera scheduled Autoupdate 1589644417 => C:\Program Files (x86)\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
FF ProfilePath: C:\Users\kmacl\AppData\Roaming\Mozilla\Firefox\Profiles\rq4k264a.default [not found] <==== ATTENTION
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
FirewallRules: [{C3E6E343-728F-47B0-B730-093100290CD0}] => (Allow) C:\Program Files (x86)\Opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A2D32C10-FF45-4FF5-9E47-DB0DB4761A6E}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS2AED\hppiw.exe => No File
FirewallRules: [{EC71714F-DBE8-4CE3-9D7F-CF2EB0319136}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS2AED\hppiw.exe => No File
FirewallRules: [{F535A79A-99C4-455A-B2F8-081752850A1F}] => (Allow) C:\Windows.old\Users\Karel\Documents\DriverPack\bin\tools\aria2c.exe => No File
FirewallRules: [{7BC93BBD-159B-4212-A552-08E5F5F8270E}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS67E9\hppiw.exe => No File
FirewallRules: [{8F7B00E9-67CE-4E31-A495-AC5962FEC5EC}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS67E9\hppiw.exe => No File
FirewallRules: [{82289E75-24D4-4657-ACA6-5641BFF0AA8C}] => (Allow) LPort=5357

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

-

Zde je fixlog.txt :

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by kmacl (06-02-2021 20:20:14) Run:1
Running from C:\Users\kmacl\OneDrive\Plocha
Loaded Profiles: kmacl & DefaultAppPool
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {01F7CCCB-9DDE-463B-AEE4-5F8F017C3021} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-16] (Google LLC -> Google LLC)
Task: {C9989797-6A4F-4506-9A31-D90E3AAD02B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-16] (Google LLC -> Google LLC)
Task: {E43BBB49-588C-4B3C-8078-FBAC1BDEF7AE} - System32\Tasks\Opera scheduled Autoupdate 1589644417 => C:\Program Files (x86)\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
FF ProfilePath: C:\Users\kmacl\AppData\Roaming\Mozilla\Firefox\Profiles\rq4k264a.default [not found] <==== ATTENTION
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
FirewallRules: [{C3E6E343-728F-47B0-B730-093100290CD0}] => (Allow) C:\Program Files (x86)\Opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A2D32C10-FF45-4FF5-9E47-DB0DB4761A6E}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS2AED\hppiw.exe => No File
FirewallRules: [{EC71714F-DBE8-4CE3-9D7F-CF2EB0319136}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS2AED\hppiw.exe => No File
FirewallRules: [{F535A79A-99C4-455A-B2F8-081752850A1F}] => (Allow) C:\Windows.old\Users\Karel\Documents\DriverPack\bin\tools\aria2c.exe => No File
FirewallRules: [{7BC93BBD-159B-4212-A552-08E5F5F8270E}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS67E9\hppiw.exe => No File
FirewallRules: [{8F7B00E9-67CE-4E31-A495-AC5962FEC5EC}] => (Allow) C:\Users\kmacl\AppData\Local\Temp\7zS67E9\hppiw.exe => No File
FirewallRules: [{82289E75-24D4-4657-ACA6-5641BFF0AA8C}] => (Allow) LPort=5357

EmptyTemp:
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cAudioFilterAgent" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01F7CCCB-9DDE-463B-AEE4-5F8F017C3021}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01F7CCCB-9DDE-463B-AEE4-5F8F017C3021}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9989797-6A4F-4506-9A31-D90E3AAD02B9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9989797-6A4F-4506-9A31-D90E3AAD02B9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E43BBB49-588C-4B3C-8078-FBAC1BDEF7AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E43BBB49-588C-4B3C-8078-FBAC1BDEF7AE}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1589644417 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1589644417" => removed successfully
C:\Users\kmacl\AppData\Roaming\Mozilla\Firefox\Profiles\rq4k264a.default => path removed successfully
"Chrome DefaultSearchURL" => removed successfully
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding} => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3E6E343-728F-47B0-B730-093100290CD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2D32C10-FF45-4FF5-9E47-DB0DB4761A6E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC71714F-DBE8-4CE3-9D7F-CF2EB0319136}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F535A79A-99C4-455A-B2F8-081752850A1F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BC93BBD-159B-4212-A552-08E5F5F8270E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F7B00E9-67CE-4E31-A495-AC5962FEC5EC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82289E75-24D4-4657-ACA6-5641BFF0AA8C}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46319585 B
Java, Flash, Steam htmlcache => 12721 B
Windows/system/drivers => 146308427 B
Edge => 2397003 B
Chrome => 14175404 B
Firefox => 1215326411 B
Opera => 29044318 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 68834 B
NetworkService => 68834 B
defaultuser0 => 76002 B
kmacl => 2084712990 B
DefaultAppPool => 2084719646 B

RecycleBin => 0 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:27:07 ====

ako je na tom pocitac?

Počítač je v pořádku. Ještě jsem se chtěl zeptat na to, že po odinstalaci Adobe Flash Playeru zůstali ve složkách
C:\Windows\System32\Macromed\Flash a C:\Windows\SysWOW64\Macromed\Flash nějaké soubory. Mám je smazat
nebo jsou v počítači v něčemu?

Mozete ich zmazat.

Zapomněl jsem poděkovat za pomoc.
Takže děkuji moc a moc jste mi pomohl.

Nemate zac, za malicko :]]

VIRY.CZ

chci se jenom ujistit, že je vše v pořádku

chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku

Re: chci se jenom ujistit, že je vše v pořádku