VIRY.CZ

Ahoj,
Moc vás prosím o kontrolu logů z RSIT. PC mi sám od sebe maže soubory. Když zapnu třeba po 3 dnech PC tak z plochy vidím, že mi chybějí soubory či aplikace, které tam dříve byli a najdu je v koši. Nevím zda to odstraňuje i jiné soubory než jen z plochy, ale v koši vidím pouze soubory z plochy. Proto tedy prosím o kontrolu logu.

Přikládám rar, kde je FRST a Addition soubor.

Děkuji předem

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-19-2022
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1462 octets] - [14/08/2021 20:23:48]
AdwCleaner[C00].txt - [1612 octets] - [14/08/2021 20:24:47]
AdwCleaner[S01].txt - [1528 octets] - [14/08/2021 20:26:19]
AdwCleaner[S02].txt - [1589 octets] - [16/09/2021 17:16:30]
AdwCleaner[C02].txt - [1779 octets] - [16/09/2021 17:17:05]
AdwCleaner[S03].txt - [1711 octets] - [16/09/2021 17:18:14]
AdwCleaner[S04].txt - [1772 octets] - [30/10/2021 19:10:16]
AdwCleaner[S05].txt - [1833 octets] - [30/10/2021 19:17:52]
AdwCleaner[S06].txt - [1894 octets] - [31/10/2021 10:37:48]
AdwCleaner[C06].txt - [2084 octets] - [31/10/2021 10:38:15]
AdwCleaner[S07].txt - [2016 octets] - [05/11/2021 16:48:28]
AdwCleaner[C07].txt - [2206 octets] - [05/11/2021 16:48:37]
AdwCleaner[S08].txt - [2138 octets] - [06/11/2021 19:07:41]
AdwCleaner[C08].txt - [2328 octets] - [06/11/2021 19:07:56]
AdwCleaner[S09].txt - [2260 octets] - [19/06/2022 14:02:26]
AdwCleaner[S10].txt - [2321 octets] - [19/06/2022 14:03:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C10].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1558997955-55845073-2629518697-1010\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vlasta\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" (No File)
HKU\S-1-5-21-1558997955-55845073-2629518697-1010\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vlasta\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (No File)
Task: {963C5EC7-8254-48BE-8399-48A907575D4E} - System32\Tasks\GoogleUpdateTaskMachineUA{C5A24259-CBE0-4B2A-94AF-31FE0364EBC9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {B9EC5DF7-E040-4BFB-9E1C-8C1BAFC6E802} - System32\Tasks\GoogleUpdateTaskMachineCore{5C1B9037-9130-4F77-B05A-719D10DD5C0E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
FirewallRules: [TCP Query User{E243E7D6-03EB-49CE-9AD8-2179753D8CCA}C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{8B9C3E91-DBBE-4317-88CB-A910449C48E7}C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{F4F25E02-DAB4-4F8E-9F95-BA08FE57D60C}D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{AB2B06BC-93FF-44E0-86FD-0CDE732B9153}D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe => No File

EmptyTemp:
Hosts:
End

Uložte do D:\Programy jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-06-2022
Ran by dbube (19-06-2022 19:48:15) Run:4
Running from D:\Programy
Loaded Profiles: dbube & Vlasta
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1558997955-55845073-2629518697-1010\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vlasta\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" (No File)
HKU\S-1-5-21-1558997955-55845073-2629518697-1010\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vlasta\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (No File)
Task: {963C5EC7-8254-48BE-8399-48A907575D4E} - System32\Tasks\GoogleUpdateTaskMachineUA{C5A24259-CBE0-4B2A-94AF-31FE0364EBC9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {B9EC5DF7-E040-4BFB-9E1C-8C1BAFC6E802} - System32\Tasks\GoogleUpdateTaskMachineCore{5C1B9037-9130-4F77-B05A-719D10DD5C0E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
FirewallRules: [TCP Query User{E243E7D6-03EB-49CE-9AD8-2179753D8CCA}C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{8B9C3E91-DBBE-4317-88CB-A910449C48E7}C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{F4F25E02-DAB4-4F8E-9F95-BA08FE57D60C}D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{AB2B06BC-93FF-44E0-86FD-0CDE732B9153}D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1558997955-55845073-2629518697-1010\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005\amd64" => removed successfully
"HKU\S-1-5-21-1558997955-55845073-2629518697-1010\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{963C5EC7-8254-48BE-8399-48A907575D4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{963C5EC7-8254-48BE-8399-48A907575D4E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{C5A24259-CBE0-4B2A-94AF-31FE0364EBC9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{C5A24259-CBE0-4B2A-94AF-31FE0364EBC9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9EC5DF7-E040-4BFB-9E1C-8C1BAFC6E802}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9EC5DF7-E040-4BFB-9E1C-8C1BAFC6E802}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{5C1B9037-9130-4F77-B05A-719D10DD5C0E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{5C1B9037-9130-4F77-B05A-719D10DD5C0E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E243E7D6-03EB-49CE-9AD8-2179753D8CCA}C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8B9C3E91-DBBE-4317-88CB-A910449C48E7}C:\users\dbube\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F4F25E02-DAB4-4F8E-9F95-BA08FE57D60C}D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB2B06BC-93FF-44E0-86FD-0CDE732B9153}D:\hry\steamapps\common\paladins\binaries\win64\paladins.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59387299 B
Java, Discord, Steam htmlcache => 842733738 B
Windows/system/drivers => 27633812 B
Edge => 0 B
Chrome => 185858290 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 144252 B
dbube => 97522672 B
Vlasta => 197230245 B

RecycleBin => 8979364 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:48:51 ====

Smazáno. Nastala nějaká změna?

Moc Děkuji!

Vypadá to OK, ještě to budu pár dni sledovat a popřípadě se ozvu. Super práce jako vždy, moc děkuji.

Rádo se stalo!