Malware v počítači
Napsal: 12 kvě 2019 21:32
Dobrý den, ráda bych se zeptala zda je můj počítač v pořádku. Narazila jsem již na pár virů při použití zmíněného AdwCleaneru od Malwarebytes, ale pořád mám pocit, že tam někde něco je. Disk jede na 100% po zapnutí počítače, neklesá ani po pár hodinách. Díky za odpověď.
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2019
# Duration: 00:00:22
# OS: Windows 10 Home
# Cleaned: 73
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\Program Files (x86)\ProxyGate
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\ByteFence
Deleted C:\ProgramData\FileViewPro
Deleted C:\ProgramData\Host App Service
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\Solvusoft
Deleted C:\ProgramData\ytd video downloader
Deleted C:\Users\tucek\AppData\Local\Host App Service
Deleted C:\Users\tucek\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\tucek\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\tucek\AppData\Roaming\SPI
Deleted C:\Users\tucek\AppData\Roaming\Seznam.cz
Deleted C:\Users\tucek\AppData\Roaming\Solvusoft
Deleted C:\Users\tucek\AppData\Roaming\WinThruster
Deleted C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\Users\Public\Desktop\simpliclean.lnk
Deleted C:\Users\tucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Youtube.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\POWER SUITE
Deleted C:\Windows\System32\Tasks\POWER SUITE (TRAY)
Deleted C:\Windows\Tasks\POWER SUITE (TRAY).JOB
Deleted C:\Windows\Tasks\POWER SUITE.JOB
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_00769fdd5a07b61dba64e72f56b32b63abc9fd44
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_322460fb8f47d8cb14cd883b17b5e0dd233a7768
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_40aecc4d902a9b7ddffa8a0a80a9b1aeb54021df
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_eadb86253068dc3c9bb0f55c26248e321f071368
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\AppDataLow\Software\Seznam.cz
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B087C78-B89D-446F-B401-8565FED383C2}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B087C78-B89D-446F-B401-8565FED383C2}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3095FBD3-2A3D-40E6-B570-889E232E6F40}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite (Tray)
Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Classes\IsLicense50.IsLicenseMgr
Deleted HKLM\Software\Common Toolkit Suite
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Seznam.cz
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WorldofTanks
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKU\S-1-5-18\Software\ByteFence
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8196 octets] - [12/05/2019 22:07:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2019
# Duration: 00:00:22
# OS: Windows 10 Home
# Cleaned: 73
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\Program Files (x86)\ProxyGate
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\ByteFence
Deleted C:\ProgramData\FileViewPro
Deleted C:\ProgramData\Host App Service
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\Solvusoft
Deleted C:\ProgramData\ytd video downloader
Deleted C:\Users\tucek\AppData\Local\Host App Service
Deleted C:\Users\tucek\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\tucek\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\tucek\AppData\Roaming\SPI
Deleted C:\Users\tucek\AppData\Roaming\Seznam.cz
Deleted C:\Users\tucek\AppData\Roaming\Solvusoft
Deleted C:\Users\tucek\AppData\Roaming\WinThruster
Deleted C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\Users\Public\Desktop\simpliclean.lnk
Deleted C:\Users\tucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Youtube.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\POWER SUITE
Deleted C:\Windows\System32\Tasks\POWER SUITE (TRAY)
Deleted C:\Windows\Tasks\POWER SUITE (TRAY).JOB
Deleted C:\Windows\Tasks\POWER SUITE.JOB
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_00769fdd5a07b61dba64e72f56b32b63abc9fd44
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_322460fb8f47d8cb14cd883b17b5e0dd233a7768
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_40aecc4d902a9b7ddffa8a0a80a9b1aeb54021df
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HostAppService_eadb86253068dc3c9bb0f55c26248e321f071368
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\AppDataLow\Software\Seznam.cz
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B087C78-B89D-446F-B401-8565FED383C2}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B087C78-B89D-446F-B401-8565FED383C2}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3095FBD3-2A3D-40E6-B570-889E232E6F40}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite (Tray)
Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Classes\IsLicense50.IsLicenseMgr
Deleted HKLM\Software\Common Toolkit Suite
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Seznam.cz
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WorldofTanks
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKU\S-1-5-18\Software\ByteFence
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8196 octets] - [12/05/2019 22:07:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########