Prosím o kontrolu logu Vyřešeno

[DJAdam]

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by pumuS (12-05-2023 19:35:24) Run:1
Running from C:\Users\pumuS\Desktop
Loaded Profiles: pumuS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
"MBAMChameleon" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATTENTION (Rootkit!/Locked Service)
"MBAMWebProtection" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MBAMWebProtection => \SystemRoot\system32\DRIVERS\mwac.sys <==== ATTENTION (Rootkit!/Locked Service)
FirewallRules: [TCP Query User{B8411648-F08B-4BEC-B382-55151DCAD786}C:\users\pumus\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\pumus\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [UDP Query User{F33D3FEF-BB44-46F2-9BAB-3DEDD18277F6}C:\users\pumus\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\pumus\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [TCP Query User{C6F7148A-4431-4AE7-99CA-9C4B609F89AF}D:\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{32F1AB34-F7BE-48AB-B4C3-E4F41DD0B910}D:\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"MBAMChameleon" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SYSTEM\ControlSet001\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATTENTION (Rootkit!/Locked Service) => Error: No automatic fix found for this entry.
"MBAMWebProtection" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SYSTEM\ControlSet001\Services\MBAMWebProtection => \SystemRoot\system32\DRIVERS\mwac.sys <==== ATTENTION (Rootkit!/Locked Service) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B8411648-F08B-4BEC-B382-55151DCAD786}C:\users\pumus\appdata\local\discord\app-1.0.9006\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F33D3FEF-BB44-46F2-9BAB-3DEDD18277F6}C:\users\pumus\appdata\local\discord\app-1.0.9006\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C6F7148A-4431-4AE7-99CA-9C4B609F89AF}D:\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{32F1AB34-F7BE-48AB-B4C3-E4F41DD0B910}D:\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20078252 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 612844930 B
Windows/system/drivers => 2352210 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 23148 B
NetworkService => 27804 B
pumuS => 4585414 B

RecycleBin => 0 B
EmptyTemp: => 610.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:35:37 ====

[Reklama]

[DJAdam]

Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by pumuS (12-05-2023 19:39:12)
Running from C:\Users\pumuS\Desktop
Boot Mode: Normal

================== Search Registry: "CreateExplorerShellUnelevatedTask.job" ===========


====== End of Search ======

[jaro3]

Vše OK!

Stáhni si zde DelFix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[DJAdam]

# DelFix v1.010 - Logfile created 13/05/2023 at 17:35:49
# Updated 26/04/2015 by Xplode
# Username : pumuS - ADAM-PC
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\pumuS\Desktop\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\Users\pumuS\Desktop\Addition.txt
Deleted : C:\Users\pumuS\Desktop\Fixlog.txt
Deleted : C:\Users\pumuS\Desktop\FRST.txt
Deleted : C:\Users\pumuS\Desktop\FRST64.exe
Deleted : C:\Users\pumuS\Desktop\JRT.exe
Deleted : C:\Users\pumuS\Desktop\JRT.txt
Deleted : C:\Users\pumuS\Desktop\HijackThis.exe
Deleted : C:\Users\pumuS\Desktop\hijackthis.log
Deleted : C:\Users\pumuS\Desktop\RogueKiller_setup.exe
Deleted : C:\Users\pumuS\Desktop\zoek (1).exe
Deleted : C:\Users\pumuS\Desktop\zoek1.rar
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : C:\Users\pumuS\Downloads\AdwCleaner.exe
Deleted : C:\Users\pumuS\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #4 [Restore Point Created by FRST | 05/12/2023 17:35:25]

New restore point created !

########## - EOF - ##########


Super dakujem moc :)