Blbnutí kláves a kontrola logu Vyřešeno

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
Task: {D7D75F4C-A171-4D43-9BBC-D358C87C28FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-10] (Google Inc -> Google LLC)
Task: {E845DBAF-64F3-4684-BD4F-976C56236F94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-10] (Google Inc -> Google LLC)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {06DAA207-9C8C-40C1-B0A4-07098DE84C67} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {2D9969DC-AB37-4F71-825F-11359CFEA908} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {3FF70CAB-C0B3-42A3-9946-2AE726F26CC9} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {6A861BF9-14A3-43B9-AC57-504598E5093F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {745E554D-1A9F-40C8-8A56-E3878178E0DE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {B2D51387-0CE4-4F81-9360-DCE690596A1E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {CD59AA6C-C521-493A-B273-CC2145A5B505} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {DC6B39B1-C79E-4E2E-8990-73F4B88FD55D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A105ED4E-2065-462C-A0D0-380C5292F70B}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe No File
FirewallRules: [{9E061E25-4F4B-4B51-A199-3B4F32CB0586}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe No File
FirewallRules: [TCP Query User{48C1E5D8-02E2-4A01-BA58-512719B03428}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe No File
FirewallRules: [UDP Query User{D0B79D63-E718-4A15-A599-485DA669B3C6}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe No File

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Viry to nebude. Problém bude v HW či SW..

[Reklama]

[Scientific]

Bohužel HW, protože to blbne i na linuxu.
Mělo mě to napadnou hned, zkusit bootnout Scientific Linux
Každdopádně, díky moc. Ano déčko mi taky blbne, občas se zduplikuje, naštěstí se nestává, že by se nepropsalo, na rozdíl od céčka,to se často nepropíše vubec.

c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-cc-c-c-c-c-c-c-c-c-c
d-dd-d-d-d-d-d-d-d-d-d-d-d-d-d-dd-d-dd-d-d-dd-d-d-d-dd-d-dd-dd-dd-d-d-d-dd-d

Ahá, možná se ten virus vrací zpátky z céčka na déčko

Přitom s capslokem je to v pohodě, no snad to bude jen nějak klávesnií.

CC-CC-CC-CC-C-C-C-CC-CC-C-C-C-C-C-C-C-C-C-C--C-C-CC-C-C-C--C-CC-C-CC--CC
D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D

FRST
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Petr (05-04-2020 02:08:21) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & outlook)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {D7D75F4C-A171-4D43-9BBC-D358C87C28FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-10] (Google Inc -> Google LLC)
Task: {E845DBAF-64F3-4684-BD4F-976C56236F94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-10] (Google Inc -> Google LLC)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {06DAA207-9C8C-40C1-B0A4-07098DE84C67} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {2D9969DC-AB37-4F71-825F-11359CFEA908} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {3FF70CAB-C0B3-42A3-9946-2AE726F26CC9} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {6A861BF9-14A3-43B9-AC57-504598E5093F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {745E554D-1A9F-40C8-8A56-E3878178E0DE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {B2D51387-0CE4-4F81-9360-DCE690596A1E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {CD59AA6C-C521-493A-B273-CC2145A5B505} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {DC6B39B1-C79E-4E2E-8990-73F4B88FD55D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A105ED4E-2065-462C-A0D0-380C5292F70B}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe No File
FirewallRules: [{9E061E25-4F4B-4B51-A199-3B4F32CB0586}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe No File
FirewallRules: [TCP Query User{48C1E5D8-02E2-4A01-BA58-512719B03428}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe No File
FirewallRules: [UDP Query User{D0B79D63-E718-4A15-A599-485DA669B3C6}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7D75F4C-A171-4D43-9BBC-D358C87C28FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7D75F4C-A171-4D43-9BBC-D358C87C28FB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E845DBAF-64F3-4684-BD4F-976C56236F94}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E845DBAF-64F3-4684-BD4F-976C56236F94}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{06DAA207-9C8C-40C1-B0A4-07098DE84C67} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9969DC-AB37-4F71-825F-11359CFEA908} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3FF70CAB-C0B3-42A3-9946-2AE726F26CC9} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A861BF9-14A3-43B9-AC57-504598E5093F} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{745E554D-1A9F-40C8-8A56-E3878178E0DE} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B2D51387-0CE4-4F81-9360-DCE690596A1E} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CD59AA6C-C521-493A-B273-CC2145A5B505} => removed successfully
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC6B39B1-C79E-4E2E-8990-73F4B88FD55D} => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\System\CurrentControlSet\Services\cpuz145 => removed successfully
cpuz145 => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A105ED4E-2065-462C-A0D0-380C5292F70B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E061E25-4F4B-4B51-A199-3B4F32CB0586}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48C1E5D8-02E2-4A01-BA58-512719B03428}C:\program files (x86)\xming\xming.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0B79D63-E718-4A15-A599-485DA669B3C6}C:\program files (x86)\xming\xming.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29842991 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 422408 B
Edge => 0 B
Chrome => 163740 B
Firefox => 488886690 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1786 B
Petr => 4524714 B
outlook => 4524935 B
outlook.DESKTOP-7GJSA1T => 4597934 B

RecycleBin => 0 B
EmptyTemp: => 519.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 02:09:09 ====

[jaro3]

Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

víc s tím neudělám..

[Scientific]

Děkuji ti, budu se modlit, aby tedy stačilo vyměnit jen předek s klávesnicí.

Zde je požadovaný log:

# DelFix v1.013 - Logfile created 05/04/2020 at 21:30:22
# Updated 17/04/2016 by Xplode
# Username : Petr - DESKTOP-7GJSA1T
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Petr\Desktop\Addition.txt
Deleted : C:\Users\Petr\Desktop\AdwCleaner.exe
Deleted : C:\Users\Petr\Desktop\AdwCleaner[C01].txt
Deleted : C:\Users\Petr\Desktop\Fixlog.txt
Deleted : C:\Users\Petr\Desktop\FRST.txt
Deleted : C:\Users\Petr\Desktop\FRST64.exe
Deleted : C:\Users\Petr\Desktop\JRT.exe
Deleted : C:\Users\Petr\Desktop\JRT.txt
Deleted : C:\Users\Petr\Desktop\HijackThis.exe
Deleted : C:\Users\Petr\Desktop\hijackthis.log
Deleted : C:\Users\Petr\Desktop\hijackthis2.txt
Deleted : C:\Users\Petr\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\Petr\Desktop\zoek-results.txt
Deleted : C:\Users\Petr\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #26 [Naplánovaný kontrolní bod | 03/27/2020 16:23:51]
Deleted : RP #27 [Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 | 04/02/2020 06:38:23]
Deleted : RP #28 [AdwCleaner_BeforeCleaning_03/04/2020_23:04:56 | 04/03/2020 21:04:58]
Deleted : RP #29 [JRT Pre-Junkware Removal | 04/03/2020 21:17:20]

New restore point created !

########## - EOF - ##########

[jaro3]

Nemáš zač! Můžeš dát zelenou fajfku.