Zdravím,
prosím o kontrolu logu.
Děkuji T.
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 10 (Pro), 10.0.19045.4046 (ReleaseId: 2009), Service Pack: 0
Time: 26.02.2024 - 21:03 (UTC+01:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: PETR (group: Administrator) on DESKTOP-0T73MBK, FirstRun: yes
Chrome: 122.0.6261.69
Firefox: 123.0.0.8809
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
1 C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
1 C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
1 C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
1 C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
1 C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
1 C:\Program Files\Acer\Acer Quick Access\QASvc.exe
1 C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24012.92.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
1 C:\Users\PETR\AppData\Local\Microsoft\OneDrive\24.020.0128.0003\FileCoAuth.exe
1 C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\PETR\Desktop\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\SysWOW64\dllhost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
2 C:\Windows\System32\igfxext.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
76 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
4 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [BingSvc] = C:\Users\PETR\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_10D969F4DF781DBD8D9B2A9D4CAFE08D] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\Run: [OneDrive] = C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4-32 - HKLM\..\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O17 - DHCP DNS 1: 172.34.32.254
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1360909192-1986834191-3985270288-1002 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: ASC_PerformanceMonitor - C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task
O22 - Task: ASC_SkipUac_Doma - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac
O22 - Task: OneDrive Reporting Task-S-1-5-21-1360909192-1986834191-3985270288-1001 - C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-1360909192-1986834191-3985270288-1002 - C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: Power Button - C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe -s
O22 - Task: Power Management - C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe
O22 - Task: Quick Access - C:\Program Files\Acer\Acer Quick Access\QALauncher.exe
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
O22 - Task: Uninstaller_SkipUac_Doma - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
O22 - Task: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{4716638F-191A-444E-B0BC-70948D0EF3A0} - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\Windows\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\Windows\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Task: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Task: \Mozilla\Firefox Background Update S-1-5-21-1360909192-1986834191-3985270288-1002 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R3: Quick Access Service - (QASvc) - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service R3: ePower Service - (ePowerSvc) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service S2: Advanced SystemCare Service 16 - (AdvancedSystemCareService16) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service S2: GoogleUpdater InternalService 124.0.6315.0 (GoogleUpdaterInternalService124.0.6315.0) - (GoogleUpdaterInternalService124.0.6315.0) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: GoogleUpdater Service 124.0.6315.0 (GoogleUpdaterService124.0.6315.0) - (GoogleUpdaterService124.0.6315.0) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: Remote Procedure Call (RPC) Net - (rpcnet) - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service S2: Služba Aktualizace Google (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.69\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Quick Access Local Service - (QALSvc) - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service S3: Služba Aktualizace Google (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
--
End of file - Time spent: 22,1 sec. - 29192 bytes, CRC32: FFFFFFFF. Sign: 蹇힊
Prosím o kontrolu logu HJT Vyřešeno
Re: Prosím o kontrolu logu HJT
ATF - OK
TFC - OK
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-26-2024
# Duration: 00:00:39
# OS: Windows 10 (Build 19045.4046)
# Scanned: 32100
# Detected: 38
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\PETR\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\PETR\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{146EBCD7-FD30-444E-8304-F09880D298A3}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D020EC6-11E4-4363-BA15-936415A4852E}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D623844-FD2D-4CC0-B572-3A0D24D2DA1C}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
TFC - OK
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-26-2024
# Duration: 00:00:39
# OS: Windows 10 (Build 19045.4046)
# Scanned: 32100
# Detected: 38
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\PETR\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\PETR\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{146EBCD7-FD30-444E-8304-F09880D298A3}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D020EC6-11E4-4363-BA15-936415A4852E}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D623844-FD2D-4CC0-B572-3A0D24D2DA1C}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Re: Prosím o kontrolu logu HJT
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 2/26/2024
Scan Time: 9:13 PM
Log File: 738cff84-d4e3-11ee-810b-2c600c918d0f.json
-Software Information-
Version: 5.0.17.99
Components Version: 1.0.1169
Update Package Version: 1.0.81455
License: Trial
-System Information-
OS: Windows 10 (Build 19045.4046)
CPU: x64
File System: NTFS
User: DESKTOP-0T73MBK\PETR
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 246076
Threats Detected: 17
Threats Quarantined: 0
Time Elapsed: 6 min, 9 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 4
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService16, No Action By User, 5349, 380352, 1.0.81455, , ame, , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC_SkipUac_Doma, No Action By User, 5349, 396386, 1.0.81455, , ame, , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2BD5A067-5065-4080-9A11-686974C96BFA}, No Action By User, 5349, 396386, 1.0.81455, , ame, , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2BD5A067-5065-4080-9A11-686974C96BFA}, No Action By User, 5349, 396386, 1.0.81455, , ame, , ,
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 13
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, No Action By User, 5349, 380352, 1.0.81455, , ame, , 33E6ADC510F01DA48A3CCE9CE9EB0175, 3A8F05AE6536EC43CE86A3745B2A3C4B32573CEE714C6B38F1241E98BE36CA82
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASC.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 2389B5E42E2D505768487EF3FC834660, FC52CBC2515FA2DBD7C3BA702FDB8DA98DB0C1CD353F6F31B179451ED5795D8B
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC_SkipUac_Doma, No Action By User, 5349, 396386, 1.0.81455, , ame, , AFA3B080493FC4658AB7C6B840D2EC84, DA7D05E710A58F4CDA784670AC9A86D78283CC381FE15AA02D7639A49B77BBF9
PUP.Optional.AdvancedSystemCare, C:\USERS\PETR\DESKTOP\Programy\Advanced SystemCare.lnk, No Action By User, 5349, 396386, 1.0.81455, , ame, , 59C48312EC7CC4742AD03BB481160944, B7CB5426B456B38F2FEC1F0AFD52315FB7B006F4A1C11E6EE523B56F2EFF6D02
PUP.Optional.BundleInstaller, C:\PROGRAMDATA\IOBIT\ASCDOWNLOADER\ASC16\IUSETUP.EXE, No Action By User, 88, 1130538, 1.0.81455, , ame, , 65DFDEB20BF56CD5C10EF649D0E0DE2A, 46D5482980D028AA875115471BF01E5C9480283DF74DE6F242D67638C855FFFF
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\AUTOUPDATE.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 8470D6E047518800EF01B787ADDE2648, D702F2D0F311ED1929A08D664ECF75C4FC58CB9F424F32CDED134DE630A459CC
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCTRAY.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 21A5506DDCDEDFD128F065C8E645BE6F, 89E7F715E5A118E899D094CC2BA3053286F23C899FAC00DC406DE5DD5EE395D4
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\HARDWARELIB.DLL, No Action By User, 5349, 396386, 1.0.81455, , ame, , C534CD2EF9DA6D3A50C27DAD7A188A04, 040D71DA31DAE5B78F3E29149962F79D4CF53CF9A88A6E82D94A3F65CBEFB09B
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\FEEDBACK.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 57DB648F0B6628F078832DF5D1A2CCE0, 600E3FB4FEFBB4102B3F209911DD87458A14773356BC25A04B27A83A25304CD7
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCINIT.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , D0D95ED48C274EDE3EC3D81B644ADA3D, CEFB7C31D2DA85081EB5FF1244C757E283A6D5197A1C7AB56971BE678128AFAB
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\DISKDEFRAG.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , F98A4521A2D99476B50FA4AEB71CD15D, 65D20649D14AF3E6025765B5D0436C5396EDD430BF155CBF8AD0B1483A7671F4
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\JUMPLISTDLL.DLL, No Action By User, 5349, 396386, 1.0.81455, , ame, , BAAC170530867403FD7A707B7C5EDC91, CBB58ABFB9D42F96339B6EBA6E13499C52820AEAEF3B97565225248F9374AE08
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\SCANNER.DLL, No Action By User, 5349, 396386, 1.0.81455, , ame, , A6A352B3C0E00D951542DA24D2EDAA60, 7DE43BE3BF880D7E2B8023EA749CB454B25EEFA34FEAA442032C717BC891C727
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
www.malwarebytes.com
-Log Details-
Scan Date: 2/26/2024
Scan Time: 9:13 PM
Log File: 738cff84-d4e3-11ee-810b-2c600c918d0f.json
-Software Information-
Version: 5.0.17.99
Components Version: 1.0.1169
Update Package Version: 1.0.81455
License: Trial
-System Information-
OS: Windows 10 (Build 19045.4046)
CPU: x64
File System: NTFS
User: DESKTOP-0T73MBK\PETR
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 246076
Threats Detected: 17
Threats Quarantined: 0
Time Elapsed: 6 min, 9 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 4
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService16, No Action By User, 5349, 380352, 1.0.81455, , ame, , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC_SkipUac_Doma, No Action By User, 5349, 396386, 1.0.81455, , ame, , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2BD5A067-5065-4080-9A11-686974C96BFA}, No Action By User, 5349, 396386, 1.0.81455, , ame, , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2BD5A067-5065-4080-9A11-686974C96BFA}, No Action By User, 5349, 396386, 1.0.81455, , ame, , ,
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 13
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, No Action By User, 5349, 380352, 1.0.81455, , ame, , 33E6ADC510F01DA48A3CCE9CE9EB0175, 3A8F05AE6536EC43CE86A3745B2A3C4B32573CEE714C6B38F1241E98BE36CA82
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASC.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 2389B5E42E2D505768487EF3FC834660, FC52CBC2515FA2DBD7C3BA702FDB8DA98DB0C1CD353F6F31B179451ED5795D8B
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC_SkipUac_Doma, No Action By User, 5349, 396386, 1.0.81455, , ame, , AFA3B080493FC4658AB7C6B840D2EC84, DA7D05E710A58F4CDA784670AC9A86D78283CC381FE15AA02D7639A49B77BBF9
PUP.Optional.AdvancedSystemCare, C:\USERS\PETR\DESKTOP\Programy\Advanced SystemCare.lnk, No Action By User, 5349, 396386, 1.0.81455, , ame, , 59C48312EC7CC4742AD03BB481160944, B7CB5426B456B38F2FEC1F0AFD52315FB7B006F4A1C11E6EE523B56F2EFF6D02
PUP.Optional.BundleInstaller, C:\PROGRAMDATA\IOBIT\ASCDOWNLOADER\ASC16\IUSETUP.EXE, No Action By User, 88, 1130538, 1.0.81455, , ame, , 65DFDEB20BF56CD5C10EF649D0E0DE2A, 46D5482980D028AA875115471BF01E5C9480283DF74DE6F242D67638C855FFFF
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\AUTOUPDATE.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 8470D6E047518800EF01B787ADDE2648, D702F2D0F311ED1929A08D664ECF75C4FC58CB9F424F32CDED134DE630A459CC
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCTRAY.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 21A5506DDCDEDFD128F065C8E645BE6F, 89E7F715E5A118E899D094CC2BA3053286F23C899FAC00DC406DE5DD5EE395D4
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\HARDWARELIB.DLL, No Action By User, 5349, 396386, 1.0.81455, , ame, , C534CD2EF9DA6D3A50C27DAD7A188A04, 040D71DA31DAE5B78F3E29149962F79D4CF53CF9A88A6E82D94A3F65CBEFB09B
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\FEEDBACK.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , 57DB648F0B6628F078832DF5D1A2CCE0, 600E3FB4FEFBB4102B3F209911DD87458A14773356BC25A04B27A83A25304CD7
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCINIT.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , D0D95ED48C274EDE3EC3D81B644ADA3D, CEFB7C31D2DA85081EB5FF1244C757E283A6D5197A1C7AB56971BE678128AFAB
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\DISKDEFRAG.EXE, No Action By User, 5349, 396386, 1.0.81455, , ame, , F98A4521A2D99476B50FA4AEB71CD15D, 65D20649D14AF3E6025765B5D0436C5396EDD430BF155CBF8AD0B1483A7671F4
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\JUMPLISTDLL.DLL, No Action By User, 5349, 396386, 1.0.81455, , ame, , BAAC170530867403FD7A707B7C5EDC91, CBB58ABFB9D42F96339B6EBA6E13499C52820AEAEF3B97565225248F9374AE08
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\SCANNER.DLL, No Action By User, 5349, 396386, 1.0.81455, , ame, , A6A352B3C0E00D951542DA24D2EDAA60, 7DE43BE3BF880D7E2B8023EA749CB454B25EEFA34FEAA442032C717BC891C727
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu HJT
příště tento HJT:
https://sourceforge.net/projects/hjt/fi ... e/download
-----------
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Skenování“ , po prohledání klikni na „ do karantény“
Program provede opravu, po automatickém restartu klikni na Zobrazit logovací soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.
----------------------------------
Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dlouho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
-----------------
. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
----------------
Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
https://www.majorgeeks.com/mg/getmirror ... ool,1.html
https://www.majorgeeks.com/mg/get/sopho ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html
Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs
---------------
Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- - klikni na „Scan“. V novém okně nic neměň a klikni dole na „Start“ ve sloupci „Quick Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Results “ , v dalším okně pak levým t. na „Report“ a vyber : „Text File“ , log nazvi třeba RK a ulož do dokumentů nebo na plochu. Otevři soubor a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
https://sourceforge.net/projects/hjt/fi ... e/download
-----------
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Skenování“ , po prohledání klikni na „ do karantény“
Program provede opravu, po automatickém restartu klikni na Zobrazit logovací soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.
----------------------------------
Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dlouho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
-----------------
. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
----------------
Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
https://www.majorgeeks.com/mg/getmirror ... ool,1.html
https://www.majorgeeks.com/mg/get/sopho ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html
Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs
---------------
Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- - klikni na „Scan“. V novém okně nic neměň a klikni dole na „Start“ ve sloupci „Quick Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Results “ , v dalším okně pak levým t. na „Report“ a vyber : „Text File“ , log nazvi třeba RK a ulož do dokumentů nebo na plochu. Otevři soubor a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu HJT
# -------------------------------
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build: 01-29-2024
# Database: 2024-01-29.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-27-2024
# Duration: 00:00:03
# OS: Windows 10 (Build 19045.4046)
# Cleaned: 38
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted C:\Users\PETR\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\PETR\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{146EBCD7-FD30-444E-8304-F09880D298A3}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D020EC6-11E4-4363-BA15-936415A4852E}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D623844-FD2D-4CC0-B572-3A0D24D2DA1C}
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Needs Reboot Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files\ACER\ACER QUICK ACCESS
*************************
AdwCleaner[S00].txt - [5541 octets] - [26/02/2024 21:08:07]
AdwCleaner[S01].txt - [5602 octets] - [27/02/2024 08:31:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build: 01-29-2024
# Database: 2024-01-29.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-27-2024
# Duration: 00:00:03
# OS: Windows 10 (Build 19045.4046)
# Cleaned: 38
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted C:\Users\PETR\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\PETR\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{146EBCD7-FD30-444E-8304-F09880D298A3}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D020EC6-11E4-4363-BA15-936415A4852E}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D623844-FD2D-4CC0-B572-3A0D24D2DA1C}
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Needs Reboot Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files\ACER\ACER QUICK ACCESS
*************************
AdwCleaner[S00].txt - [5541 octets] - [26/02/2024 21:08:07]
AdwCleaner[S01].txt - [5602 octets] - [27/02/2024 08:31:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Re: Prosím o kontrolu logu HJT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by PETR (Administrator) on 27.02.2024 at 8:36:15,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Doma (Task)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.02.2024 at 8:39:21,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by PETR (Administrator) on 27.02.2024 at 8:36:15,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Doma (Task)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.02.2024 at 8:39:21,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu logu HJT
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 2/27/2024
Scan Time: 10:24 AM
Log File: f1bcb016-d551-11ee-bf20-2c600c918d0f.json
-Software Information-
Version: 5.0.17.99
Components Version: 1.0.1169
Update Package Version: 1.0.81455
License: Trial
-System Information-
OS: Windows 10 (Build 19045.4046)
CPU: x64
File System: NTFS
User: DESKTOP-0T73MBK\PETR
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 245819
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 2 min, 54 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService16, Quarantined, 5349, 380352, 1.0.81455, , ame, , ,
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 2
PUP.Optional.BundleInstaller, C:\PROGRAMDATA\IOBIT\ASCDOWNLOADER\ASC16\IUSETUP.EXE, Quarantined, 88, 1130538, 1.0.81455, , ame, , 65DFDEB20BF56CD5C10EF649D0E0DE2A, 46D5482980D028AA875115471BF01E5C9480283DF74DE6F242D67638C855FFFF
PUP.Optional.BundleInstaller.DDS, C:\USERS\PETR\DOWNLOADS\IOBITUNINSTALLER.EXE, Quarantined, 1000002, 0, 1.0.81455, E03A212EC2B437E751390191, dds, 02711110, 67DA36AAE779299AC1A9E744237560AC, A040E4B0DF412E40652C252C5B67D219C184D36640B020C9ABA286ED8D1B4BD3
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
www.malwarebytes.com
-Log Details-
Scan Date: 2/27/2024
Scan Time: 10:24 AM
Log File: f1bcb016-d551-11ee-bf20-2c600c918d0f.json
-Software Information-
Version: 5.0.17.99
Components Version: 1.0.1169
Update Package Version: 1.0.81455
License: Trial
-System Information-
OS: Windows 10 (Build 19045.4046)
CPU: x64
File System: NTFS
User: DESKTOP-0T73MBK\PETR
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 245819
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 2 min, 54 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService16, Quarantined, 5349, 380352, 1.0.81455, , ame, , ,
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 2
PUP.Optional.BundleInstaller, C:\PROGRAMDATA\IOBIT\ASCDOWNLOADER\ASC16\IUSETUP.EXE, Quarantined, 88, 1130538, 1.0.81455, , ame, , 65DFDEB20BF56CD5C10EF649D0E0DE2A, 46D5482980D028AA875115471BF01E5C9480283DF74DE6F242D67638C855FFFF
PUP.Optional.BundleInstaller.DDS, C:\USERS\PETR\DOWNLOADS\IOBITUNINSTALLER.EXE, Quarantined, 1000002, 0, 1.0.81455, E03A212EC2B437E751390191, dds, 02711110, 67DA36AAE779299AC1A9E744237560AC, A040E4B0DF412E40652C252C5B67D219C184D36640B020C9ABA286ED8D1B4BD3
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Re: Prosím o kontrolu logu HJT
SOPHOS - čistý - nic nenašel
Re: Prosím o kontrolu logu HJT
Program : RogueKiller Anti-Malware
Version : 15.15.2.0
x64 : Yes
Program Date : Feb 19 2024
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : PETR
User is Admin : Yes
Date : 2024/02/27 12:33:03
Type : Removal
Aborted : No
Scan Mode : Standard
Duration : 4225
Found items : 9
Total scanned : 59803
Signatures Version : 20240216_101755
Truesight Driver : Yes
Updates Count : 7
Arguments : -minimize
************************* Warnings *************************
(22:4568) C:\Windows\System32, LONG_FOLDER_SCAN
[+] path : C:\Windows\System32
[+] message : LONG_FOLDER_SCAN
[+] int1 : 22
[+] int2 : 4568
************************* Removal *************************
Version : 15.15.2.0
x64 : Yes
Program Date : Feb 19 2024
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : PETR
User is Admin : Yes
Date : 2024/02/27 12:33:03
Type : Removal
Aborted : No
Scan Mode : Standard
Duration : 4225
Found items : 9
Total scanned : 59803
Signatures Version : 20240216_101755
Truesight Driver : Yes
Updates Count : 7
Arguments : -minimize
************************* Warnings *************************
(22:4568) C:\Windows\System32, LONG_FOLDER_SCAN
[+] path : C:\Windows\System32
[+] message : LONG_FOLDER_SCAN
[+] int1 : 22
[+] int2 : 4568
************************* Removal *************************
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu HJT
Ten log z RK je celý?
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.
Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni zoek:
https://datoid.cz/UeeEYf/zoek1-rar
editační odkaz
https://datoid.cz/UeeEYf/zoek1-rar/cWMjoITrleT7T2lw
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.
Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
(posuvník dolu na download)
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat nyní“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Vykonat“ ( vymazat). Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, klikni vlevo na „zprávy“ a pak na „otevři zprávu“ a zkopíruj sem celý obsah té zprávy.
Vlož nový log z HJT(2.0.4) + informuj o problémech
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.
Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni zoek:
https://datoid.cz/UeeEYf/zoek1-rar
editační odkaz
https://datoid.cz/UeeEYf/zoek1-rar/cWMjoITrleT7T2lw
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
Kód: Vybrat vše
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin; klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.
Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
(posuvník dolu na download)
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat nyní“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Vykonat“ ( vymazat). Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, klikni vlevo na „zprávy“ a pak na „otevři zprávu“ a zkopíruj sem celý obsah té zprávy.
Vlož nový log z HJT(2.0.4) + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu HJT
Program : RogueKiller Anti-Malware
Version : 15.15.2.0
x64 : Yes
Program Date : Feb 19 2024
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : PETR
User is Admin : Yes
Date : 2024/02/27 14:57:12
Type : Scan
Aborted : No
Scan Mode : Standard
Duration : 4092
Found items : 11
Total scanned : 59832
Signatures Version : 20240216_101755
Truesight Driver : Yes
Updates Count : 7
Arguments : -minimize
************************* Warnings *************************
(19:4568) C:\Windows\System32, LONG_FOLDER_SCAN
[+] path : C:\Windows\System32
[+] message : LONG_FOLDER_SCAN
[+] int1 : 19
[+] int2 : 4568
************************* Updates *************************
VLC media player (64-bit), version 3.0.11
[+] Available Version : 3.0.20
[+] Size : 0
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\VideoLAN\VLC
Google Chrome (32-bit), version 122.0.6261.69
[+] Available Version : 122.0.6261.70
[+] Size : 0
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Google\Chrome\Application
OpenOffice 4.1.7 (32-bit), version 4.17.9800
[+] Available Version : 4.115
[+] Size : 347255808
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\OpenOffice 4\
Total Commander 64+32-bit (Remove or Repair) (64-bit), version 11.03
[+] Available Version : 11.03.6
[+] Size : 28839936
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\totalcmd\
DriverSetupUtility (64-bit), version 1.00.3011
[+] Available Version : 1.00.3026
[+] Size : 1892352
[+] Wow6432 : No
[+] Portable : No
IObit Uninstaller 13 (32-bit), version 13.1.0.3
[+] Available Version : 13.3.0.2
[+] Size : 83148800
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\IObit\IObit Uninstaller\
Microsoft Office Professional 2007 (32-bit), version 12.0.6612.1000
[+] Available Version : 14.0.7015.1000
[+] Size : 0
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Microsoft Office
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
[PUP.Computrace (Potentially Malicious)] rpcnet (7424) -- C:\Windows\system32\rpcnet.exe -> Found
************************* Scheduled Tasks *************************
************************* Registry *************************
>>>>>> O23 - Services
└── [PUP.Computrace (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rpcnet -- (missing) -> Found
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts
************************* Filesystem *************************
[PUP.Computrace (Potentially Malicious)] (file) rpcnetp.exe -- C:\Windows\System32\rpcnetp.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) identprv.dll -- (Absolute Software Corp.) C:\Windows\SysWOW64\identprv.dll -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnet.dll -- (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnet.exe -- (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnetp.dll -- C:\Windows\SysWOW64\rpcnetp.dll -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnetp.exe -- C:\Windows\SysWOW64\rpcnetp.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) Upgrd.exe -- (Absolute Software Corp.) C:\Windows\SysWOW64\Upgrd.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) wceprv.dll -- (Absolute Software Corp.) C:\Windows\SysWOW64\wceprv.dll -> Found
************************* Web Browsers *************************
************************* Antirootkit *************************
Version : 15.15.2.0
x64 : Yes
Program Date : Feb 19 2024
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : PETR
User is Admin : Yes
Date : 2024/02/27 14:57:12
Type : Scan
Aborted : No
Scan Mode : Standard
Duration : 4092
Found items : 11
Total scanned : 59832
Signatures Version : 20240216_101755
Truesight Driver : Yes
Updates Count : 7
Arguments : -minimize
************************* Warnings *************************
(19:4568) C:\Windows\System32, LONG_FOLDER_SCAN
[+] path : C:\Windows\System32
[+] message : LONG_FOLDER_SCAN
[+] int1 : 19
[+] int2 : 4568
************************* Updates *************************
VLC media player (64-bit), version 3.0.11
[+] Available Version : 3.0.20
[+] Size : 0
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\VideoLAN\VLC
Google Chrome (32-bit), version 122.0.6261.69
[+] Available Version : 122.0.6261.70
[+] Size : 0
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Google\Chrome\Application
OpenOffice 4.1.7 (32-bit), version 4.17.9800
[+] Available Version : 4.115
[+] Size : 347255808
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\OpenOffice 4\
Total Commander 64+32-bit (Remove or Repair) (64-bit), version 11.03
[+] Available Version : 11.03.6
[+] Size : 28839936
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\totalcmd\
DriverSetupUtility (64-bit), version 1.00.3011
[+] Available Version : 1.00.3026
[+] Size : 1892352
[+] Wow6432 : No
[+] Portable : No
IObit Uninstaller 13 (32-bit), version 13.1.0.3
[+] Available Version : 13.3.0.2
[+] Size : 83148800
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\IObit\IObit Uninstaller\
Microsoft Office Professional 2007 (32-bit), version 12.0.6612.1000
[+] Available Version : 14.0.7015.1000
[+] Size : 0
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Microsoft Office
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
[PUP.Computrace (Potentially Malicious)] rpcnet (7424) -- C:\Windows\system32\rpcnet.exe -> Found
************************* Scheduled Tasks *************************
************************* Registry *************************
>>>>>> O23 - Services
└── [PUP.Computrace (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rpcnet -- (missing) -> Found
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts
************************* Filesystem *************************
[PUP.Computrace (Potentially Malicious)] (file) rpcnetp.exe -- C:\Windows\System32\rpcnetp.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) identprv.dll -- (Absolute Software Corp.) C:\Windows\SysWOW64\identprv.dll -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnet.dll -- (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnet.exe -- (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnetp.dll -- C:\Windows\SysWOW64\rpcnetp.dll -> Found
[PUP.Computrace (Potentially Malicious)] (file) rpcnetp.exe -- C:\Windows\SysWOW64\rpcnetp.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) Upgrd.exe -- (Absolute Software Corp.) C:\Windows\SysWOW64\Upgrd.exe -> Found
[PUP.Computrace (Potentially Malicious)] (file) wceprv.dll -- (Absolute Software Corp.) C:\Windows\SysWOW64\wceprv.dll -> Found
************************* Web Browsers *************************
************************* Antirootkit *************************
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu HJT
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.
pak to další, co jsem psal výše.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.
pak to další, co jsem psal výše.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 38 hostů