malware

Posted: 18 Apr 2021 17:17
by sejky
Hello,
unfortunately malware has got onto the PC and a window with an advertisement opens in Chrome. May I ask for help?
thanks

Re: malware

Posted: 18 Apr 2021 17:53
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: malware

Posted: 18 Apr 2021 17:59
by sejky
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-18-2021
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2970 octets] - [18/04/2021 18:56:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: malware

Posted: 18 Apr 2021 18:00
by Rudy
Post new FRST + Addition logs.

Re: malware

Posted: 18 Apr 2021 18:08
by sejky
thank you

Re: malware

Posted: 18 Apr 2021 18:50
by Rudy
The FRST log is empty.

Re: malware

Posted: 18 Apr 2021 18:50
by sejky
thank you for the help

Re: malware

Posted: 18 Apr 2021 18:52
by Rudy
A bit strange, don't you think? The problem is not resolved yet.

Re: malware

Posted: 18 Apr 2021 18:56
by sejky
oh, I thought it was, so I apologize

Re: malware

Posted: 18 Apr 2021 19:40
by sejky
sending again

Re: malware

Posted: 18 Apr 2021 20:01
by Rudy
Open Notepad and copy this into it:
Start

CloseProcesses:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {44F9B082-75A3-40D5-B4CD-A78C28C0FE22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {D5DFBDA6-CE8B-457B-A416-959A21481DCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
SearchScopes: HKU\S-1-5-21-706604696-1639438380-2937031876-2144 -> DefaultScope {AFF86C4A-8AB0-497B-B52C-FB1DE016DCDD} URL =
SearchScopes: HKU\S-1-5-21-706604696-1639438380-2937031876-2144 -> {AFF86C4A-8AB0-497B-B52C-FB1DE016DCDD} URL =
FirewallRules: [{8E121999-24D5-4524-87EC-C14586D76315}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{3F7BC8AD-79CD-4ED5-A2B9-EFD23491B5E5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: malware

Posted: 18 Apr 2021 20:08
by sejky
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by turkova (18-04-2021 21:03:03) Run:1
Running from C:\Users\turkova\Desktop
Loaded Profiles: uzivatel & turkova
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {44F9B082-75A3-40D5-B4CD-A78C28C0FE22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {D5DFBDA6-CE8B-457B-A416-959A21481DCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
SearchScopes: HKU\S-1-5-21-706604696-1639438380-2937031876-2144 -> DefaultScope {AFF86C4A-8AB0-497B-B52C-FB1DE016DCDD} URL =
SearchScopes: HKU\S-1-5-21-706604696-1639438380-2937031876-2144 -> {AFF86C4A-8AB0-497B-B52C-FB1DE016DCDD} URL =
FirewallRules: [{8E121999-24D5-4524-87EC-C14586D76315}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{3F7BC8AD-79CD-4ED5-A2B9-EFD23491B5E5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44F9B082-75A3-40D5-B4CD-A78C28C0FE22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44F9B082-75A3-40D5-B4CD-A78C28C0FE22}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5DFBDA6-CE8B-457B-A416-959A21481DCB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5DFBDA6-CE8B-457B-A416-959A21481DCB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKU\S-1-5-21-706604696-1639438380-2937031876-2144\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-706604696-1639438380-2937031876-2144\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFF86C4A-8AB0-497B-B52C-FB1DE016DCDD} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E121999-24D5-4524-87EC-C14586D76315}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F7BC8AD-79CD-4ED5-A2B9-EFD23491B5E5}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 208872760 B
Java, Flash, Steam htmlcache => 1128 B
Windows/system/drivers => 770683 B
Edge => 5173526 B
Chrome => 458659049 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 22748293 B
systemprofile32 => 22748293 B
LocalService => 22994853 B
NetworkService => 23009059 B
uzivatel => 73484402 B
turkova => 100335187 B

RecycleBin => 137475 B
EmptyTemp: => 906.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:04:27 ====
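
One way to check a Fixlog like the one above mechanically, matching each fixlist directive echoed in the log against a result line that ends in "successfully" (an added example, not part of the thread and not FRST's own code). The function names and the matching heuristic are assumptions, and the sample is constructed: lines abridged from the log above plus one made-up FirewallRules entry with a placeholder GUID and path.

```python
import re
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+)$')

def parse_fixlog(text):
    """Return (item directives echoed from the fixlist, [(target, outcome)])."""
    directives, results, state = [], [], "header"
    for line in (l.strip() for l in text.splitlines()):
        stars = bool(line) and set(line) == {"*"}
        if state == "header":
            state = "echo" if line.startswith("fixlist content:") else "header"
        elif stars:                       # star rules open and close the echo
            state = "fixlist" if state == "echo" else "results"
        elif state == "fixlist":          # skip Start/End and bare "Name:" commands
            if line and line not in ("Start", "End") and not line.endswith(":"):
                directives.append(line)
        elif state == "results":
            if line.startswith("====="):  # EmptyTemp summary follows
                break
            if m := RESULT.match(line):
                results.append((m["target"], m["outcome"]))
    return directives, results

def key_for(d):  # heuristic (assumption): token expected to reappear in a result
    if "DefaultScope" in d:
        return "defaultscope"
    g = GUID.search(d)
    return (g.group(0) if g else d.partition(": ")[2].split(": ")[0]).lower()

def unconfirmed(text):  # directives with no "... successfully" result line
    directives, results = parse_fixlog(text)
    done = [t.lower() for t, o in results if o.endswith("successfully")]
    return [d for d in directives if not any(key_for(d) in t for t in done)]

# Constructed sample: abridged from the log above, plus one made-up failing entry.
SAMPLE = r'''fixlist content:
*****************
Start
CloseProcesses:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {44F9B082-75A3-40D5-B4CD-A78C28C0FE22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
FirewallRules: [{00000000-0000-0000-0000-000000000000}] => (Allow) C:\Example\app.exe => No File
End
*****************
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44F9B082-75A3-40D5-B4CD-A78C28C0FE22}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00000000-0000-0000-0000-000000000000}" => not found
=========== EmptyTemp: =========='''
```

On this sample `unconfirmed(SAMPLE)` returns only the constructed FirewallRules directive, the one whose result line does not report success.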

Re: malware

Posted: 18 Apr 2021 21:00
by Rudy
Deleted, the log is now OK.

Re: malware

Posted: 18 Apr 2021 21:12
by sejky
thank you very much for the help.

Re: malware

Posted: 19 Apr 2021 09:16
by Rudy
You're welcome! :)