Preventive check with RSIT and FRST64
Posted: 20 Mar 2023 18:44
We help in the fight against computer pests!
https://forum.viry.cz:443/
Save this to D:\stahované soubory Šimon as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Start
CloseProcesses:
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9A082987-5A93-4AFD-8F32-3B0C875D9D65} - System32\Tasks\Opera scheduled Autoupdate 1643828851 => C:\Users\hvojn\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
ContextMenuHandlers1_S-1-5-21-1059078134-1858205780-1447121356-1003: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => -> No File
ContextMenuHandlers6_S-1-5-21-1059078134-1858205780-1447121356-1003: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => -> No File
AlternateDataStreams: C:\ProgramData:err [1612]
AlternateDataStreams: C:\Users\All Users:err [1612]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1612]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4282]
AlternateDataStreams: C:\Users\hvojn\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\hvojn\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2714]
FirewallRules: [UDP Query User{40428084-7E87-4165-9D26-96E426C9026B}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{341A2BD8-086E-4F17-A3B5-E5925796EB59}C:\users\hvojn\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hvojn\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{79671C20-F97A-4613-B9AD-262F271D6F04}C:\users\hvojn\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hvojn\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [TCP Query User{21A4F674-39FD-43EA-9D6A-F3DFCB6A5A48}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0E361CE6-D225-4AA2-B4D7-78A83B14E5AC}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{C749DE1A-39C5-4E3C-B77B-53B97ABF726C}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{7D18B48F-FABE-451D-BE49-C2D67F9ABB27}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{97C22F27-B17D-46E9-B7B4-20BE7E001DC3}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{D5BB8BE3-933E-4091-816A-4D27B18E0B48}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{94B37D8B-4E7D-4FDF-929B-584DABE0BB3D}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1575D2BE-C453-4845-9009-BAEA513F4224}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{C2793088-E74F-47A2-BFC6-9B848792C4FC}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{681F6927-3617-49AF-B60B-E209D7FA2846}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{45588A53-9035-4427-A1EA-F3450555DF7B}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5218FCC9-4335-4A4D-A6A1-326AEAA1A257}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{8B9B8F55-842E-47EC-A5FB-7F01ECACEEFC}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{A86A93EE-E029-4D60-BC85-16276FC9CC3B}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{42605B7D-1C37-453E-A0F0-4517E46F77A3}C:6\forzahorizon5.exe] => (Allow) C:6\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BC6D2591-EB6E-467A-8031-320086199606}C:6\forzahorizon5.exe] => (Allow) C:6\forzahorizon5.exe => No File
FirewallRules: [{516879A0-E2B1-4DA3-A5EE-22056168DA82}] => (Allow) C:\Users\hvojn\AppData\Local\Programs\Opera\83.0.4254.27\opera.exe => No File
FirewallRules: [TCP Query User{4D943C63-CCC8-47D6-B49E-558B145E7EFA}C:15\forzahorizon5.exe] => (Allow) C:15\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{4930AAD3-B642-4BD9-ACD3-F381716D9952}C:15\forzahorizon5.exe] => (Allow) C:15\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{652D2CD6-00CE-4C6A-B419-0C73249201C3}C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{A6DE2245-0DDF-466D-AC53-846638DE779C}C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{BC82519E-3424-40C0-95DB-C977C9899FEA}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{CD6FE455-6164-42DD-A191-59B313BF33F4}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{F96182C7-1748-41A9-A8FC-84A206623D9B}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{60379D53-28B7-4E2C-8C94-ADC1135CDF4D}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{E6CE4699-184B-42FE-A921-6608AC2E14C9}C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe] => (Block) C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{F00C1FD7-F99E-40A8-826F-1096A46A52AD}C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe] => (Block) C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{43E514E7-1353-469C-AD7C-29EEC627A09F}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Block) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe => No File
FirewallRules: [UDP Query User{E2662099-E31B-4B61-A4BD-3CC749011FA7}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Block) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe => No File
FirewallRules: [{18505620-0A70-4D56-B8A5-88472B7413AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{66C563F1-F9B9-429E-B0F8-E8EDEFCDB398}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DEE34AC7-DB79-4AF3-84D5-FC243C2CDE21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{03EC7DB4-7119-4513-BFA3-5FB8B76AA946}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{E550BD4D-75DB-4D03-89CC-0473F119681C}C:8\forzahorizon5.exe] => (Block) C:8\forzahorizon5.exe => No File
FirewallRules: [{7430C20A-D0DD-4B82-912C-B1DBAC86F1AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{980CC067-5C57-4369-B582-65DCDE7DFBDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{EFBBE676-7D37-4605-8C19-E46F0CDFBC8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{264E3ECD-4DEA-4D2D-B64F-075C64A321F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
EmptyTemp:
End
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
Close all programs.
Accept the license terms (EULA) by clicking Souhlasim (I agree).
Right-click the AdwCleaner icon and choose Spustit jako spravce (Run as administrator); on Win XP, just start it with a normal double-click.
Click Skenovat nyni (Scan now), then Cisteni a opravy (Clean and Repair).
After the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply.