Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by breta on 25.04.2022 at 22:06:29,66.
Microsoft Windows 10 Home 10.0.19043 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\breta\Desktop\zoek1\zoek (1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
25.04.2022 22:09:54 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Intel Driver and Support Assistant deleted successfully
C:\PROGRA~2\PokerStars.CZ deleted successfully
C:\PROGRA~2\T-Mobile deleted successfully
C:\PROGRA~2\WonderFox Soft deleted successfully
C:\Program Files\Elantech deleted successfully
C:\Program Files\Highresolution Enterprises deleted successfully
C:\Program Files\JetBrains deleted successfully
C:\Program Files\MoneyManagerEX deleted successfully
C:\PROGRA~3\48C4687D-9760-4F5B-BAB3-60351B0841E4 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\breta\AppData\Roaming\CareCenter deleted successfully
C:\Users\breta\AppData\Roaming\Opera Software deleted successfully
C:\Users\breta\AppData\Roaming\Wargaming.net deleted successfully
C:\Users\breta\AppData\Local\CrashDumps deleted successfully
C:\Users\breta\AppData\Local\DBG deleted successfully
C:\Users\breta\AppData\Local\Finkit deleted successfully
C:\Users\breta\AppData\Local\Greenshot deleted successfully
C:\Users\breta\AppData\Local\gtk-3.0 deleted successfully
C:\Users\breta\AppData\Local\Opera Software deleted successfully
C:\Users\defaultuser0\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1885444895-1151541194-3766610177-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_USERS\S-1-5-21-1885444895-1151541194-3766610177-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default\prefs.js:
user_pref("browser.newtab.url", "https://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180617__yaff");
Added to C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default
user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.newtabpage.url", "https://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180617__yaf
---- FireFox user.js and prefs.js backups ----
prefs__2239_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Intel Driver and Support Assistant not found
C:\PROGRA~2\PokerStars.CZ not found
C:\PROGRA~2\T-Mobile not found
C:\PROGRA~2\WonderFox Soft not found
C:\PROGRA~3\48C4687D-9760-4F5B-BAB3-60351B0841E4 not found
C:\Users\breta\AppData\Local\PokerStars.CZ deleted
C:\PROGRA~2\R.G. Mechanics deleted
C:\Users\breta\AppData\Roaming\discord deleted
C:\Users\breta\AppData\Roaming\uTorrent deleted
C:\Users\breta\AppData\Roaming\WhatsApp deleted
C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Users\breta\.android deleted
C:\PROGRA~3\mia1989.tmp deleted
C:\PROGRA~3\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\breta\AppData\Local\Sync-1516459179.msi.log deleted
C:\Users\breta\AppData\Local\MSGBOX.EXE deleted
C:\Users\breta\AppData\Local\cache deleted
C:\Users\breta\AppData\Local\CrashRpt deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2AAFD.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486783.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486795.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4867a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4867b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4867ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4867cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4867ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4867ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486810.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486822.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486824.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486835.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-486857.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4868c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4868d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4868e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-4868fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-48691c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c0-1260-48692e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133b64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133b85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133b97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133bc8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133be9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133c1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133c3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133c5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-111c-1518-133c7e.tmp deleted
asi milion takovych souboru, je to moc dlouhé, asi na 4 zprávy .... :(
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-2782f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-278303.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-278305.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-278307.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-278319.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-27831b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-27831d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f64-159c-27832f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-12017d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-12018e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-120190.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-1201f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-120225.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-120227.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-120239.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-12023b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8-2bcc-12024d.tmp deleted
C:\windows\SysNative\Tasks\Avast Secure Browser Heartbeat Task (Hourly) deleted
C:\windows\SysNative\Tasks\Avast Secure Browser Heartbeat Task (Logon) deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default\searchplugins\yahoo-lavasoft-ff59.xml deleted
C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default\jetpack deleted
C:\Users\breta\Launcher.exe deleted
C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default\extensions\partnerdefaults@mozilla.com deleted
"C:\WINDOWS\Installer\435db6e1.msi" deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM\bretaFfl2.dat" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\Avast\datascan.json" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM\breta\kv_pam.db" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM\breta\kv_pamcore.db" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM\breta\kv_pampub.db" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM\breta\pam.db" not deleted
"C:\Users\breta\AppData\Local\AVAST Software" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\Avast" not deleted
"C:\Users\breta\AppData\Local\AVAST Software\APM\breta" not deleted
==== Orphaned Tasks deleted from Registry ======================
Avast Secure Browser Heartbeat Task (Hourly) deleted
Avast Secure Browser Heartbeat Task (Logon) deleted
AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted
Software Update Application deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@firefox.mozilla.org.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\breta\AppData\Roaming\Mozilla\Firefox\Profiles\3fa1oxu4.default
- C:\Program Files x86\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - [?]
==== Chromium Look ======================
Google Chrome Version: 100.0.4896.127
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aegnopegbbhjeeiganiajffnalhlkkjb - No path found[]
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
Safe Torrent Scanner - breta\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb
Location Guard - breta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfohepagpmnodfdmjliccbbigdkfcgia
GoFullPage - Full Page Screen Capture - breta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl
FormApps Extension - breta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A9E6B20B-3626-4F6D-9E89-81AAFF5D2D43}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A9E6B20B-3626-4F6D-9E89-81AAFF5D2D43}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{A9E6B20B-3626-4F6D-9E89-81AAFF5D2D43}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{A9E6B20B-3626-4F6D-9E89-81AAFF5D2D43} - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{A9E6B20B-3626-4F6D-9E89-81AAFF5D2D43}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{A9E6B20B-3626-4F6D-9E89-81AAFF5D2D43} - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
==== Reset Google Chrome ======================
C:\Users\breta\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Preferences was reset successfully
C:\Users\breta\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Secure Preferences was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\breta\AppData\Local\Microsoft\Edge\User Data\Profile 1\Preferences was reset successfully
C:\Users\breta\AppData\Local\Microsoft\Edge\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\breta\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Data was reset successfully
C:\Users\breta\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Data-journal was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\breta\AppData\Local\Microsoft\Edge\User Data\Profile 1\Web Data was reset successfully
C:\Users\breta\AppData\Local\Microsoft\Edge\User Data\Profile 1\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\24C995FA5E2A15247BEE94521D74EAC0 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iastorui.exe\6effccfb19af2e23_PD deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast Driver Updater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF599C42-A2E5-4251-B7EE-4925D147AE0C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\24C995FA5E2A15247BEE94521D74EAC0 deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\breta\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\breta\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\breta\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache emptied successfully
C:\Users\breta\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\breta\AppData\Local\Microsoft\Edge\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2937 folders=2253 473469948 bytes)
==== Empty Temp Folders ======================
C:\Users\breta\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\defaultuser0\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
Kontrola logu
Re: Kontrola logu
Informace o kontroly
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 25.04.2022 23:40:16
Typ kontroly : Custom Scan
Čas trvání : 00:39:48
Zkontrolované objekty : 238462
Zjištěné objekty : 5
Vyloučené objekty : 0
Automatické odesílání : Ano
Operační systém : Windows 10 x64
Procesor : 4X Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 126A35BA0013630324BACA
Odhalení
MD5 : 6DC2BEEEBEE1212D17B9376ACEE93235
Stav : Zkontrolováno
Objekt : c:\programdata\avast software\avast\log\hns.log
Vydavatel :
Velikost : 116695
Odhalení : Trojan:Win32/MalDropper.OnClickAds
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9C732FA4B78D823213C10D8223437B85
Stav : Zkontrolováno
Objekt : c:\zoek\in\usertemp\locstor.txt
Vydavatel :
Velikost : 733
Odhalení : Adware:Win32/FeedSonicSearch
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1C8C178E28E919BB797FFBEFF7C6F0A8
Stav : Zkontrolováno
Objekt : c:\zoek_backup\c_users_breta_appdata_local_avast software\browser\user data\default\extensions\kmediagceboldddnnajkcochbkfkedel\1.23.0.675_0\assets\thirdparties\pgl.yoyo.org\as\serverlist
Vydavatel :
Velikost : 80236
Odhalení : Trojan:Win32/MalDropper.OnClickAds
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 35CC8ECAF3E89B39A4C73570D375E2E8
Stav : Zkontrolováno
Objekt : c:\zoek_backup\c_users_breta_appdata_local_avast software\browser\user data\default\extensions\kmediagceboldddnnajkcochbkfkedel\1.23.0.675_0\assets\thirdparties\easylist-downloads.adblockplus.org\easylist.txt
Vydavatel :
Velikost : 2598100
Odhalení : Adware:Win32/FeedSonicSearch
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : B97D1667799CCE242768358DCFABB78D
Stav : Zkontrolováno
Objekt : c:\zoek_backup\c_users_breta_appdata_local_avast software\browser\user data\default\extensions\nmebbcjdbhgggcgohlnlgadkmjiedfbc\1.2.341_0\js\background.js
Vydavatel :
Velikost : 2078514
Odhalení : Trojan:Win32/MalDropper.OnClickAds
Akce : Karanténa
-----------------------------------------------------------------------
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 25.04.2022 23:40:16
Typ kontroly : Custom Scan
Čas trvání : 00:39:48
Zkontrolované objekty : 238462
Zjištěné objekty : 5
Vyloučené objekty : 0
Automatické odesílání : Ano
Operační systém : Windows 10 x64
Procesor : 4X Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 126A35BA0013630324BACA
Odhalení
MD5 : 6DC2BEEEBEE1212D17B9376ACEE93235
Stav : Zkontrolováno
Objekt : c:\programdata\avast software\avast\log\hns.log
Vydavatel :
Velikost : 116695
Odhalení : Trojan:Win32/MalDropper.OnClickAds
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9C732FA4B78D823213C10D8223437B85
Stav : Zkontrolováno
Objekt : c:\zoek\in\usertemp\locstor.txt
Vydavatel :
Velikost : 733
Odhalení : Adware:Win32/FeedSonicSearch
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1C8C178E28E919BB797FFBEFF7C6F0A8
Stav : Zkontrolováno
Objekt : c:\zoek_backup\c_users_breta_appdata_local_avast software\browser\user data\default\extensions\kmediagceboldddnnajkcochbkfkedel\1.23.0.675_0\assets\thirdparties\pgl.yoyo.org\as\serverlist
Vydavatel :
Velikost : 80236
Odhalení : Trojan:Win32/MalDropper.OnClickAds
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 35CC8ECAF3E89B39A4C73570D375E2E8
Stav : Zkontrolováno
Objekt : c:\zoek_backup\c_users_breta_appdata_local_avast software\browser\user data\default\extensions\kmediagceboldddnnajkcochbkfkedel\1.23.0.675_0\assets\thirdparties\easylist-downloads.adblockplus.org\easylist.txt
Vydavatel :
Velikost : 2598100
Odhalení : Adware:Win32/FeedSonicSearch
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : B97D1667799CCE242768358DCFABB78D
Stav : Zkontrolováno
Objekt : c:\zoek_backup\c_users_breta_appdata_local_avast software\browser\user data\default\extensions\nmebbcjdbhgggcgohlnlgadkmjiedfbc\1.2.341_0\js\background.js
Vydavatel :
Velikost : 2078514
Odhalení : Trojan:Win32/MalDropper.OnClickAds
Akce : Karanténa
-----------------------------------------------------------------------
Re: Kontrola logu
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:24:08, on 26.04.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
C:\Users\breta\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer17win10.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Viber] "C:\Users\breta\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CiscoMeetingDaemon] "C:\Users\breta\AppData\Local\WebEx\WebexHost.exe" /daemon /from=autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1885444895-1151541194-3766610177-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0')
O4 - HKUS\S-1-5-21-1885444895-1151541194-3766610177-1000\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'defaultuser0')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Služba Avast Browser Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 - Service: Služba Avast Browser Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\100.0.15871.128\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 - Service: Služba Aktualizace Brave (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Služba Aktualizace Brave (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: CCDMonitorService - Unknown owner - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (file missing)
O23 - Service: Avast Cleanup (CleanupPSvc) - AVAST Software - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_377c238b1690ab0f\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_377c238b1690ab0f\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_15868f - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Avast Driver Updater (DriverUpdSvc) - AVAST Software - C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\WINDOWS\system32\ICEsoundService64.exe (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_14b6c79434365e33\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6850e1b6319e5b65\igfxCUIService.exe
O23 - Service: @oem60.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem60.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Local Service (QALSvc) - Unknown owner - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Unknown owner - C:\Program Files\Acer\Acer Quick Access\QASvc.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem57.inf,%RstMwService.ServiceName%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - Unknown owner - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12210 bytes
Scan saved at 19:24:08, on 26.04.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
C:\Users\breta\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer17win10.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Viber] "C:\Users\breta\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CiscoMeetingDaemon] "C:\Users\breta\AppData\Local\WebEx\WebexHost.exe" /daemon /from=autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1885444895-1151541194-3766610177-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0')
O4 - HKUS\S-1-5-21-1885444895-1151541194-3766610177-1000\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'defaultuser0')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Služba Avast Browser Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 - Service: Služba Avast Browser Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\100.0.15871.128\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 - Service: Služba Aktualizace Brave (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Služba Aktualizace Brave (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: CCDMonitorService - Unknown owner - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (file missing)
O23 - Service: Avast Cleanup (CleanupPSvc) - AVAST Software - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_377c238b1690ab0f\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_377c238b1690ab0f\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_15868f - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Avast Driver Updater (DriverUpdSvc) - AVAST Software - C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\WINDOWS\system32\ICEsoundService64.exe (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_14b6c79434365e33\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6850e1b6319e5b65\igfxCUIService.exe
O23 - Service: @oem60.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem60.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Local Service (QALSvc) - Unknown owner - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Unknown owner - C:\Program Files\Acer\Acer Quick Access\QASvc.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem57.inf,%RstMwService.ServiceName%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - Unknown owner - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12210 bytes
Re: Kontrola logu
Odinstaloval jsem ted ty programy, prislo mi, že se to seká. Dám info během týdne, logy vypadají ok?
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Kontrola logu
OK.
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nebudou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Kód: Vybrat vše
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer17win10.msn.com/?pc=ACTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nebudou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Kontrola logu
dobře děkuji, provedu a když bude vše OK, dám echo...
Dotaz: zmizla mi rozšíření do prohlížeče - nějaký typ čím blokovat reklamy?
Dotaz: zmizla mi rozšíření do prohlížeče - nějaký typ čím blokovat reklamy?
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Kontrola logu
To musel některý z nástrojů smazat.
To neporadím , používám většinu prohlížeč Opera a ten to má v sobě.
To neporadím , používám většinu prohlížeč Opera a ten to má v sobě.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Kontrola logu
Dobrý den, bohužel problém přetrval, byť možná v menší míře. Jde o to, že zapnu NTB, prihlasím se a všechno hrozne trvá, i jenom kliknutí na ikonu zvuku, nabahnuti prohližece, stranky - všechno v trvá cca jednu minutu? Rešenim je restart, nebo vypnout a zapnout. Nekdy koukám do správce úloh, ale není tam asi nic, co by vytežovalo CPU na 100%.....tak nevím co s tím je?
Možná nejaka blbost, co se (nekdy) spusti se startem NTB a cele to zasekne?
Možná nejaka blbost, co se (nekdy) spusti se startem NTB a cele to zasekne?
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Kontrola logu
Přeci jenom uběhla dlouhá doba od čištění , takže se tam mohl natáhnout nějaký malware.
Vyčisti systém CCleanerem
http://www.piriform.com/ccleaner/download/standard
Otestuj zase pomocí malwarebytes antimalware a dej sem log.
Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Pak použij i Adwcleaner.log sem.
Vyčisti systém CCleanerem
http://www.piriform.com/ccleaner/download/standard
Otestuj zase pomocí malwarebytes antimalware a dej sem log.
Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Pak použij i Adwcleaner.log sem.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Kontrola logu
Adwcleaner cisty.....
----------------------------------------------------------------------------
CrystalDiskInfo 8.16.4 (C) 2008-2022 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 19043] (x64)
Date : 2022/05/18 23:01:38
-- Controller Map ----------------------------------------------------------
+ Intel(R) 6th Generation Core Processor Family Platform I/O SATA AHCI Controller [ATA]
- Slimtype DVD A DA8AESH
- Micron_1100_MTFDDAV256TBN
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(01) Micron_1100_MTFDDAV256TBN : 256,0 GB [0/0/2, pd1] - m2
----------------------------------------------------------------------------
(01) Micron_1100_MTFDDAV256TBN
----------------------------------------------------------------------------
Model : Micron_1100_MTFDDAV256TBN
Firmware : M0MA020
Serial Number : 164914E4D7E6
Disk Size : 256,0 GB (8,4/137,4/256,0/----)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 500118192
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 5
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1255 hodin
Power On Count : 3825 krát
Host Writes : 17831 GB
Temperature : 63 C (145 F)
Health Status : Dobrý (90 %)
Features : S.M.A.R.T., APM, NCQ, TRIM, DevSleep
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Míra chybovosti čtení RAW
05 100 100 _10 000000000000 Počet přerozdělených sektorů
09 100 100 __0 0000000004E7 Hodiny zapnutí
0C 100 100 __0 000000000EF1 Počet cyklů napájení
AB 100 100 __0 000000000000 Počet selhání programu
AC 100 100 __0 000000000000 Počet chyb při mazání
AD _90 _90 __0 0000000000A0 Průměrný počet vymazání bloku
AE 100 100 __0 000000000082 Neočekávaný počet ztrát napájení
B7 100 100 __0 000000000000 Zpětný posun rozhraní SATA
B8 100 100 __0 000000000000 Počet korekcí chyb
BB 100 100 __0 000000000000 Nahlášené neopravitelné chyby
C2 _37 _33 __0 00430009003F Teplota
C4 100 100 __0 000000000000 Počet událostí přerozdělení
C5 100 100 __0 000000000000 Aktuální počet čekajících sektorů
C6 100 100 __0 000000000000 Inteligentní offline skenování Počet neopravitelných chyb
C7 100 100 __0 000000000000 Míra chyb CRC Ultra DMA
CA _90 _90 __1 00000000000A Procento využité doby života
CE 100 100 __0 000000000000 Míra chyb při zápisu
F6 100 100 __0 0008B4E4028E Celkový počet zápisů hostitelského sektoru
F7 100 100 __0 000045D3015B Počet stránek programu hostitele
F8 100 100 __0 000029E450FD Počet stránek programu na pozadí
B4 __0 __0 __0 0000000007F5 Nevyužité rezervní bloky NAND
D2 100 100 __0 000000000000 Počet úspěšných obnovení RAIN
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0440 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 3136 3439 3134 4534 4437 4536
020: 0000 0000 0000 204D 304D 4130 3230 4D69 6372 6F6E
030: 5F31 3130 305F 4D54 4644 4441 5632 3536 5442 4E20
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 9110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D28
070: 0000 0000 0000 0000 0000 001F 950E 00C6 014C 004C
080: 07F8 006D 706B 7409 6163 7069 B409 6163 407F 0001
090: 0001 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 32B0 1DCF 0000 0000 0000 0008 4000 0000 500A 0751
110: 14E4 D7E6 0000 0000 0000 0000 0000 0000 0000 411E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 3333
130: 3163 3161 6600 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 4D54 4644 4441
150: 5632 3536 5442 4E20 0000 0000 0000 0000 0000 A5A5
160: 0000 0000 0000 0000 0000 0000 0000 0000 0005 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0035 0000 0000 4000
210: 0000 0000 0000 0001 0000 0000 0000 0001 0000 0000
220: 0000 0000 10FF 0000 0000 0000 0000 0000 0000 0000
230: 32B0 1DCF 0000 0000 0001 00FF 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 93A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 05 32
010: 00 64 64 00 00 00 00 00 00 00 09 32 00 64 64 E7
020: 04 00 00 00 00 00 0C 32 00 64 64 F1 0E 00 00 00
030: 00 00 AB 32 00 64 64 00 00 00 00 00 00 00 AC 32
040: 00 64 64 00 00 00 00 00 00 00 AD 32 00 5A 5A A0
050: 00 00 00 00 00 00 AE 32 00 64 64 82 00 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 C2 22 00 25 21 3F 00 09 00 43
090: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C5 32
0A0: 00 64 64 00 00 00 00 00 00 00 C6 30 00 64 64 00
0B0: 00 00 00 00 00 00 C7 32 00 64 64 00 00 00 00 00
0C0: 00 00 CA 30 00 5A 5A 0A 00 00 00 00 00 00 CE 0E
0D0: 00 64 64 00 00 00 00 00 00 00 F6 32 00 64 64 8E
0E0: 02 E4 B4 08 00 00 F7 32 00 64 64 5B 01 D3 45 00
0F0: 00 00 F8 32 00 64 64 FD 50 E4 29 00 00 00 B4 33
100: 00 00 00 F5 07 00 00 00 00 00 D2 32 00 64 64 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 A6 02 00 7B
170: 03 00 01 00 02 04 03 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 00 00 00 00 00 00 00 00 00 00 00 05 0A
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00
040: 00 00 00 00 00 00 00 00 00 00 AD 00 00 00 00 00
050: 00 00 00 00 00 00 AE 00 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 00
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 CA 01 00 00 00 00 00 00 00 00 00 00 CE 00
0D0: 00 00 00 00 00 00 00 00 00 00 F6 00 00 00 00 00
0E0: 00 00 00 00 00 00 F7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F8 00 00 00 00 00 00 00 00 00 00 00 B4 00
100: 00 00 00 00 00 00 00 00 00 00 D2 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13
----------------------------------------------------------------------------
CrystalDiskInfo 8.16.4 (C) 2008-2022 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 19043] (x64)
Date : 2022/05/18 23:01:38
-- Controller Map ----------------------------------------------------------
+ Intel(R) 6th Generation Core Processor Family Platform I/O SATA AHCI Controller [ATA]
- Slimtype DVD A DA8AESH
- Micron_1100_MTFDDAV256TBN
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(01) Micron_1100_MTFDDAV256TBN : 256,0 GB [0/0/2, pd1] - m2
----------------------------------------------------------------------------
(01) Micron_1100_MTFDDAV256TBN
----------------------------------------------------------------------------
Model : Micron_1100_MTFDDAV256TBN
Firmware : M0MA020
Serial Number : 164914E4D7E6
Disk Size : 256,0 GB (8,4/137,4/256,0/----)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 500118192
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 5
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1255 hodin
Power On Count : 3825 krát
Host Writes : 17831 GB
Temperature : 63 C (145 F)
Health Status : Dobrý (90 %)
Features : S.M.A.R.T., APM, NCQ, TRIM, DevSleep
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Míra chybovosti čtení RAW
05 100 100 _10 000000000000 Počet přerozdělených sektorů
09 100 100 __0 0000000004E7 Hodiny zapnutí
0C 100 100 __0 000000000EF1 Počet cyklů napájení
AB 100 100 __0 000000000000 Počet selhání programu
AC 100 100 __0 000000000000 Počet chyb při mazání
AD _90 _90 __0 0000000000A0 Průměrný počet vymazání bloku
AE 100 100 __0 000000000082 Neočekávaný počet ztrát napájení
B7 100 100 __0 000000000000 Zpětný posun rozhraní SATA
B8 100 100 __0 000000000000 Počet korekcí chyb
BB 100 100 __0 000000000000 Nahlášené neopravitelné chyby
C2 _37 _33 __0 00430009003F Teplota
C4 100 100 __0 000000000000 Počet událostí přerozdělení
C5 100 100 __0 000000000000 Aktuální počet čekajících sektorů
C6 100 100 __0 000000000000 Inteligentní offline skenování Počet neopravitelných chyb
C7 100 100 __0 000000000000 Míra chyb CRC Ultra DMA
CA _90 _90 __1 00000000000A Procento využité doby života
CE 100 100 __0 000000000000 Míra chyb při zápisu
F6 100 100 __0 0008B4E4028E Celkový počet zápisů hostitelského sektoru
F7 100 100 __0 000045D3015B Počet stránek programu hostitele
F8 100 100 __0 000029E450FD Počet stránek programu na pozadí
B4 __0 __0 __0 0000000007F5 Nevyužité rezervní bloky NAND
D2 100 100 __0 000000000000 Počet úspěšných obnovení RAIN
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0440 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 3136 3439 3134 4534 4437 4536
020: 0000 0000 0000 204D 304D 4130 3230 4D69 6372 6F6E
030: 5F31 3130 305F 4D54 4644 4441 5632 3536 5442 4E20
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 9110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D28
070: 0000 0000 0000 0000 0000 001F 950E 00C6 014C 004C
080: 07F8 006D 706B 7409 6163 7069 B409 6163 407F 0001
090: 0001 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 32B0 1DCF 0000 0000 0000 0008 4000 0000 500A 0751
110: 14E4 D7E6 0000 0000 0000 0000 0000 0000 0000 411E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 3333
130: 3163 3161 6600 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 4D54 4644 4441
150: 5632 3536 5442 4E20 0000 0000 0000 0000 0000 A5A5
160: 0000 0000 0000 0000 0000 0000 0000 0000 0005 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0035 0000 0000 4000
210: 0000 0000 0000 0001 0000 0000 0000 0001 0000 0000
220: 0000 0000 10FF 0000 0000 0000 0000 0000 0000 0000
230: 32B0 1DCF 0000 0000 0001 00FF 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 93A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 05 32
010: 00 64 64 00 00 00 00 00 00 00 09 32 00 64 64 E7
020: 04 00 00 00 00 00 0C 32 00 64 64 F1 0E 00 00 00
030: 00 00 AB 32 00 64 64 00 00 00 00 00 00 00 AC 32
040: 00 64 64 00 00 00 00 00 00 00 AD 32 00 5A 5A A0
050: 00 00 00 00 00 00 AE 32 00 64 64 82 00 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 C2 22 00 25 21 3F 00 09 00 43
090: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C5 32
0A0: 00 64 64 00 00 00 00 00 00 00 C6 30 00 64 64 00
0B0: 00 00 00 00 00 00 C7 32 00 64 64 00 00 00 00 00
0C0: 00 00 CA 30 00 5A 5A 0A 00 00 00 00 00 00 CE 0E
0D0: 00 64 64 00 00 00 00 00 00 00 F6 32 00 64 64 8E
0E0: 02 E4 B4 08 00 00 F7 32 00 64 64 5B 01 D3 45 00
0F0: 00 00 F8 32 00 64 64 FD 50 E4 29 00 00 00 B4 33
100: 00 00 00 F5 07 00 00 00 00 00 D2 32 00 64 64 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 A6 02 00 7B
170: 03 00 01 00 02 04 03 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 00 00 00 00 00 00 00 00 00 00 00 05 0A
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00
040: 00 00 00 00 00 00 00 00 00 00 AD 00 00 00 00 00
050: 00 00 00 00 00 00 AE 00 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 00
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 CA 01 00 00 00 00 00 00 00 00 00 00 CE 00
0D0: 00 00 00 00 00 00 00 00 00 00 F6 00 00 00 00 00
0E0: 00 00 00 00 00 00 F7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F8 00 00 00 00 00 00 00 00 00 00 00 B4 00
100: 00 00 00 00 00 00 00 00 00 00 D2 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Kontrola logu
000000000082 Neočekávaný počet ztrát napájení -- možná něco s napájením? To je notebook?
Udělej ještě malwarebytes antimalware.
+
Stáhni si Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/
Políčko , ve kterém je napsáno:
All unused RAM ponech.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".
a ještě RogueKiller.
Udělej ještě malwarebytes antimalware.
+
Stáhni si Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/
Políčko , ve kterém je napsáno:
All unused RAM ponech.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".
a ještě RogueKiller.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Kontrola logu
Ano, notebook.
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 18.05.22
Čas skenování: 21:39
Logovací soubor: 3cbc751c-d6e2-11ec-be16-a81e8445a94b.json
-Informace o softwaru-
Verze: 4.5.7.186
Verze komponentů: 1.0.1645
Aktualizovat verzi balíku komponent: 1.0.55149
Licence: Bezplatná
-Systémová informace-
OS: Windows 10 (Build 19043.1706)
CPU: x64
Systém souborů: NTFS
Uživatel: LAPTOP-RCMATI0H\breta
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 602705
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 15 hod, 6 min, 1 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 1
Malware.Heuristic.1003, C:\$RECYCLE.BIN\S-1-5-21-1885444895-1151541194-3766610177-1001\$RUAPL8K\ZOEK (1).EXE, Smazání při restartu, 1000001, 0, 1.0.55149, 0000000000000000000003EB, dds, 01776544, 294DBD73A55AF616B18771026B499B53, CDF21E47A065A699769D6CEB95474249270B4700547AB86369A311BB69A93DEC
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 18.05.22
Čas skenování: 21:39
Logovací soubor: 3cbc751c-d6e2-11ec-be16-a81e8445a94b.json
-Informace o softwaru-
Verze: 4.5.7.186
Verze komponentů: 1.0.1645
Aktualizovat verzi balíku komponent: 1.0.55149
Licence: Bezplatná
-Systémová informace-
OS: Windows 10 (Build 19043.1706)
CPU: x64
Systém souborů: NTFS
Uživatel: LAPTOP-RCMATI0H\breta
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 602705
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 15 hod, 6 min, 1 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 1
Malware.Heuristic.1003, C:\$RECYCLE.BIN\S-1-5-21-1885444895-1151541194-3766610177-1001\$RUAPL8K\ZOEK (1).EXE, Smazání při restartu, 1000001, 0, 1.0.55149, 0000000000000000000003EB, dds, 01776544, 294DBD73A55AF616B18771026B499B53, CDF21E47A065A699769D6CEB95474249270B4700547AB86369A311BB69A93DEC
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů