Log check: Malwarebytes problems
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Hello, I was running a routine scan and this popped up:
Malwarebytes
http://www.malwarebytes.com
-Log Details-
Scan Date: 7/12/19
Scan Time: 5:33 PM
Log File: 690c6648-a4ba-11e9-ad12-708bcda31ff2.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.11522
License: Free
-System Information-
OS: Windows 10 (Build 17763.557)
CPU: x64
File System: NTFS
User: DESKTOP-TOP8B4Q\marys
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 331124
Threats Detected: 12
Threats Quarantined: 12
Time Elapsed: 5 min, 6 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 6
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Application Experience\StartupCheckLibrary, Quarantined, [753], [676733],1.0.11522
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{35D35B7B-2E56-40FA-99A7-C8681112CA89}, Quarantined, [753], [676733],1.0.11522
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{35D35B7B-2E56-40FA-99A7-C8681112CA89}, Quarantined, [753], [676733],1.0.11522
Trojan.FakeMS.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary, Quarantined, [4085], [-1],0.0.0
Trojan.FakeMS.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35D35B7B-2E56-40FA-99A7-C8681112CA89}, Quarantined, [4085], [-1],0.0.0
Trojan.FakeMS.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35D35B7B-2E56-40FA-99A7-C8681112CA89}, Quarantined, [4085], [-1],0.0.0
Registry Value: 1
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|winlogui, Quarantined, [753], [646232],1.0.11522
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 5
Trojan.FakeMS, C:\WINDOWS\SYSTEM32\WINLOGUI.EXE, Quarantined, [753], [646232],1.0.11522
Trojan.FakeMS, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Application Experience\StartupCheckLibrary, Quarantined, [753], [676733],1.0.11522
Trojan.FakeMS.TskLnk, C:\WINDOWS\SYSTEM32\STARTUPCHECKLIBRARY.DLL, Quarantined, [4085], [676767],1.0.11522
Trojan.FakeMS.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Application Experience\StartupCheckLibrary, Quarantined, [4085], [-1],0.0.0
PUP.Optional.Seznam, D:\DOWNLOAD\FLV-TO-MP4-ENCODER.EXE, Quarantined, [614], [623984],1.0.11522
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Thank you
Attachments: FRST a ADDITION.zip (36.16 KiB), downloaded 65 times
Re: Log check: Malwarebytes problems
Hi
Run a full scan in Malwarebytes:
- Open Malwarebytes and click "Scan" on the left
- Click "Custom Scan" and then "Configure Scan"
- On the right, select all drives in the PC, and on the left tick the option "Scan for rootkits"
- Click "Scan Now" and wait for it to finish
- When it finishes, click Export Summary -> Copy to Clipboard
- Paste the copied log into your next reply
- Illustrated guide (unfortunately for an older version): https://forum.viry.cz/viewtopic.php?f=29&t=144868
Graduate of the school for newcomers
E-mail: conder (at) forum.viry.cz
If anything is unclear, ask. I recommend always keeping backups of important data (documents, photos and so on).
Fixlists and other scripts are written only for a specific PC. Do not use them on other devices; otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.
If you are satisfied, you can support the forum. Thank you!
Re: Log check: Malwarebytes problems
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 12.07.19
Čas skenování: 19:38
Logovací soubor: e2422938-a4cb-11e9-b26d-708bcda31ff2.json
-Informace o softwaru-
Verze: 3.8.3.2965
Verze komponentů: 1.0.613
Aktualizovat verzi balíku komponent: 1.0.11522
Licence: Bezplatný
-Systémová informace-
OS: Windows 10 (Build 17763.557)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-TOP8B4Q\marys
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 1775171
Zjištěné hrozby: 4
Hrozby umístěné do karantény: 0
Uplynulý čas: 17 hod, 41 min, 12 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 4
Trojan.Swrort, E:\DF\LNP\UTILITIES\DWARF MOCKUP\DWARFMOCKUP-1.2.0.EXE, Žádná uživatelská akce, [7645], [565860],1.0.11522
HackTool.FilePatch, D:\USERS\MARYS\DOWNLOADS\OBVIOUSIDEA LIGHT IMAGE RESIZER\OBVIOUSIDEA LIGHT IMAGE RESIZER V5.0.3.1.7Z, Žádná uživatelská akce, [7688], [281135],1.0.11522
Generic.Malware/Suspicious, D:\USERS\MARYS\DOWNLOADS\PRODUKEY (1).ZIP, Žádná uživatelská akce, [0], [392686],1.0.11522
Generic.Malware/Suspicious, D:\USERS\MARYS\DOWNLOADS\PRODUKEY.ZIP, Žádná uživatelská akce, [0], [392686],1.0.11522
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Log check: Malwarebytes problems
You can delete the Malwarebytes detections.
Download AdwCleaner: https://toolslib.net/downloads/finish/1/
- Save it to the desktop and close all programs
- Run AdwCleaner as administrator
- Accept the license terms
- Click "Scan Now" and wait for it to finish
- Leave all detections ticked
- Click "Clean & Repair" and confirm restarting the PC now
- After the PC restarts, AdwCleaner will open; click "View Log File"
- The log will open; copy its contents here
Re: Log check: Malwarebytes problems
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-14-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1384 octets] - [31/03/2019 16:14:03]
AdwCleaner[C00].txt - [1532 octets] - [31/03/2019 16:16:52]
AdwCleaner[S01].txt - [1371 octets] - [31/03/2019 17:53:05]
AdwCleaner[S02].txt - [1432 octets] - [15/04/2019 01:28:24]
AdwCleaner[S03].txt - [1493 octets] - [24/05/2019 14:04:16]
AdwCleaner[C03].txt - [1679 octets] - [24/05/2019 14:04:33]
AdwCleaner[S04].txt - [1615 octets] - [24/05/2019 14:08:07]
AdwCleaner[S05].txt - [1676 octets] - [14/07/2019 18:59:24]
AdwCleaner[S06].txt - [1737 octets] - [14/07/2019 19:00:18]
AdwCleaner[S07].txt - [1798 octets] - [14/07/2019 19:01:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C07].txt ##########
Re: Log check: Malwarebytes problems
Please post both new FRST logs.
Re: Log check: Malwarebytes problems
Thank you, sending them.
Attachments: frst + addition.zip (39.58 KiB), downloaded 64 times
Re: Log check: Malwarebytes problems
Open Notepad (Win+R -> notepad -> Enter)
- Copy the following text and paste it into Notepad:
Code:
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\ProgramData\{ybvuwci.uhn
File: C:\ProgramData\{ybvuwci.uhn
2019-06-29 21:55 - 2019-06-29 21:55 - 000012554 _____ C:\ProgramData\{ybvuwci.uhn
2019-06-29 21:55 - 2019-06-29 21:55 - 000000000 _____ C:\ProgramData\678759991
CustomCLSID: HKU\S-1-5-21-1410936417-1045171731-3576322853-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\marys\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\marys\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\marys\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\marys\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\marys\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\marys\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\marys\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
FirewallRules: [TCP Query User{C7BCC820-BD93-4AD8-8EEE-7513DC6DCECE}C:\users\marys\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marys\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B0CDF0B1-4659-4FCA-BA58-BAA4AD0F4473}C:\users\marys\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marys\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
Hosts:
EmptyTemp:
End
- Save it to the desktop under the name fixlist.txt
- Run FRST again and click Fix
- When it finishes, FRST will ask for a PC restart; confirm by clicking OK
- After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Re: Log check: Malwarebytes problems
It didn't ask for a restart; the Fixlog was this:
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by marys (16-07-2019 17:57:29) Run:2
Running from C:\Users\marys\Desktop
Loaded Profiles: marys (Available Profiles: marys & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses
CreateRestorePoint
PowerShell Get-ChildItem -Path $ENVUSERPROFILEDesktop -Recurse -Force Measure-Object -Property Length -Sum
VirusTotal CProgramData{ybvuwci.uhn
File CProgramData{ybvuwci.uhn
2019-06-29 2155 - 2019-06-29 2155 - 000012554 _____ CProgramData{ybvuwci.uhn
2019-06-29 2155 - 2019-06-29 2155 - 000000000 _____ CProgramData678759991
CustomCLSID HKUS-1-5-21-1410936417-1045171731-3576322853-1001_ClassesCLSID{62634D95-960B-4834-8E71-A70408AD8FD9}InprocServer32 - CUsersmarysAppDataLocalGoogleUpdate1.3.34.7psuser_64.dll = No File
ContextMenuHandlers1 [7-Zip] - {23170F69-40C1-278A-1000-000100020000} = - No File
ContextMenuHandlers1 [ANotepad++64] - {B298D29A-A6ED-11DE-BA8C-A68E55D89593} = - No File
ContextMenuHandlers1 [BriefcaseMenu] - {85BBD920-42A0-1069-A2E4-08002B30309D} = - No File
ContextMenuHandlers3 [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] - {4A7C4306-57E0-4C0C-83A9-78C1528F618C} = - No File
ContextMenuHandlers4 [7-Zip] - {23170F69-40C1-278A-1000-000100020000} = - No File
ContextMenuHandlers6 [BriefcaseMenu] - {85BBD920-42A0-1069-A2E4-08002B30309D} = - No File
AlternateDataStreams CUsersmarysApplication Data00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams CUsersmarysApplication Data6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams CUsersmarysData aplikac�00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams CUsersmarysData aplikac�6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams CUsersmarysAppDataRoaming00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams CUsersmarysAppDataRoaming6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams CUsersPublicShared FilesVersionCache [480]
FirewallRules [TCP Query User{C7BCC820-BD93-4AD8-8EEE-7513DC6DCECE}Cusersmarysappdatalocalgooglechromeapplicationchrome.exe] = (Block) Cusersmarysappdatalocalgooglechromeapplicationchrome.exe (Google LLC - Google LLC)
FirewallRules [UDP Query User{B0CDF0B1-4659-4FCA-BA58-BAA4AD0F4473}Cusersmarysappdatalocalgooglechromeapplicationchrome.exe] = (Block) Cusersmarysappdatalocalgooglechromeapplicationchrome.exe (Google LLC - Google LLC)
Hosts
EmptyTemp
End
*****************
CloseProcesses => Error: No automatic fix found for this entry.
CreateRestorePoint => Error: No automatic fix found for this entry.
PowerShell Get-ChildItem -Path $ENVUSERPROFILEDesktop -Recurse -Force Measure-Object -Property Length -Sum => Error: No automatic fix found for this entry.
VirusTotal CProgramData{ybvuwci.uhn => Error: No automatic fix found for this entry.
File CProgramData{ybvuwci.uhn => Error: No automatic fix found for this entry.
"2019-06-29 2155 - 2019-06-29 2155 - 000012554 _____ CProgramData{ybvuwci.uhn" => not found
"2019-06-29 2155 - 2019-06-29 2155 - 000000000 _____ CProgramData678759991" => not found
CustomCLSID HKUS-1-5-21-1410936417-1045171731-3576322853-1001_ClassesCLSID{62634D95-960B-4834-8E71-A70408AD8FD9}InprocServer32 - CUsersmarysAppDataLocalGoogleUpdate1.3.34.7psuser_64.dll = No File => Error: No automatic fix found for this entry.
ContextMenuHandlers1 [7-Zip] - {23170F69-40C1-278A-1000-000100020000} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers1 [ANotepad++64] - {B298D29A-A6ED-11DE-BA8C-A68E55D89593} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers1 [BriefcaseMenu] - {85BBD920-42A0-1069-A2E4-08002B30309D} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers3 [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] - {4A7C4306-57E0-4C0C-83A9-78C1528F618C} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers4 [7-Zip] - {23170F69-40C1-278A-1000-000100020000} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers6 [BriefcaseMenu] - {85BBD920-42A0-1069-A2E4-08002B30309D} = - No File => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersmarysApplication Data00e481b5e22dbe1f649fcddd505d3eb7 [394] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersmarysApplication Data6699d3ee8dd9cf775caae782c8f44f03 [394] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersmarysData aplikac�00e481b5e22dbe1f649fcddd505d3eb7 [394] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersmarysData aplikac�6699d3ee8dd9cf775caae782c8f44f03 [394] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersmarysAppDataRoaming00e481b5e22dbe1f649fcddd505d3eb7 [394] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersmarysAppDataRoaming6699d3ee8dd9cf775caae782c8f44f03 [394] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersPublicShared FilesVersionCache [480] => Error: No automatic fix found for this entry.
FirewallRules [TCP Query User{C7BCC820-BD93-4AD8-8EEE-7513DC6DCECE}Cusersmarysappdatalocalgooglechromeapplicationchrome.exe] = (Block) Cusersmarysappdatalocalgooglechromeapplicationchrome.exe (Google LLC - Google LLC) => Error: No automatic fix found for this entry.
FirewallRules [UDP Query User{B0CDF0B1-4659-4FCA-BA58-BAA4AD0F4473}Cusersmarysappdatalocalgooglechromeapplicationchrome.exe] = (Block) Cusersmarysappdatalocalgooglechromeapplicationchrome.exe (Google LLC - Google LLC) => Error: No automatic fix found for this entry.
Hosts => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.
==== End of Fixlog 17:57:29 ====
Re: Log check, problems with Malwarebytes
The fixlist was copied incorrectly; the slashes and colons are missing from it. It needs to be run again.
Graduate of the school for newcomers
E-mail: conder (at) forum.viry.cz
If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).
Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.
If you are satisfied, you can support the forum. Thank you!
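The failure diagnosed in the reply above can be recognised from the Fixlog alone. This is an added example, not part of the thread or of FRST: a hypothetical `diagnose_fixlog` helper that counts the "No automatic fix found" lines and checks whether each failed entry is a directive name that lost its colon or a path that lost its `:\`. The directive names and sample lines are copied from the logs on this page; the heuristic is an assumption.

```python
import re

FAIL_MARK = "=> Error: No automatic fix found for this entry."

# Directive names taken from the fixlist shown on this page.
DIRECTIVES = (
    "CloseProcesses", "CreateRestorePoint", "PowerShell", "VirusTotal",
    "File", "CustomCLSID", "ContextMenuHandlers", "AlternateDataStreams",
    "FirewallRules", "Hosts", "EmptyTemp",
)
# A directive name (optionally numbered, e.g. ContextMenuHandlers1)
# followed by whitespace or end of entry where ':' should be.
BARE_DIRECTIVE = re.compile(r"^(%s)\d*(\s|$)" % "|".join(DIRECTIVES))
# A drive letter glued to a top-level folder: 'CUsers' where 'C:\Users' belongs.
GLUED_PATH = re.compile(r"\b[A-Za-z](users|programdata|windows)", re.IGNORECASE)


def diagnose_fixlog(text):
    """Summarise failed entries and whether they look like a mis-copied fixlist."""
    failed = bare = glued = 0
    for line in text.splitlines():
        if not line.rstrip().endswith(FAIL_MARK):
            continue
        failed += 1
        entry = line[: line.rfind(FAIL_MARK)].strip()
        if BARE_DIRECTIVE.match(entry):
            bare += 1
        if GLUED_PATH.search(entry):
            glued += 1
    return {
        "failed": failed,
        "missing_colon": bare,
        "missing_path_separators": glued,
        # Every failed entry is a known directive without its colon:
        # the fixlist text was damaged in transit, not rejected on content.
        "mangled": failed > 0 and bare == failed,
    }


# Lines copied from the first (failed) Fixlog on this page.
SAMPLE_BAD = r"""CloseProcesses => Error: No automatic fix found for this entry.
VirusTotal CProgramData{ybvuwci.uhn => Error: No automatic fix found for this entry.
ContextMenuHandlers1 [7-Zip] - {23170F69-40C1-278A-1000-000100020000} = - No File => Error: No automatic fix found for this entry.
FirewallRules [UDP Query User{B0CDF0B1-4659-4FCA-BA58-BAA4AD0F4473}Cusersmarysappdatalocalgooglechromeapplicationchrome.exe] = (Block) Cusersmarysappdatalocalgooglechromeapplicationchrome.exe (Google LLC - Google LLC) => Error: No automatic fix found for this entry.
Hosts => Error: No automatic fix found for this entry.
"""

# Lines copied from the second (successful) Fixlog on this page.
SAMPLE_GOOD = r"""C:\ProgramData\{ybvuwci.uhn => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"""

if __name__ == "__main__":
    print(diagnose_fixlog(SAMPLE_BAD))
    print(diagnose_fixlog(SAMPLE_GOOD))
```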
Re: Log check, problems with Malwarebytes
Ah, I apologize.
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by marys (16-07-2019 23:01:23) Run:3
Running from C:\Users\marys\Desktop
Loaded Profiles: marys (Available Profiles: marys & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\ProgramData\{ybvuwci.uhn
File: C:\ProgramData\{ybvuwci.uhn
2019-06-29 21:55 - 2019-06-29 21:55 - 000012554 _____ C:\ProgramData\{ybvuwci.uhn
2019-06-29 21:55 - 2019-06-29 21:55 - 000000000 _____ C:\ProgramData\678759991
CustomCLSID: HKU\S-1-5-21-1410936417-1045171731-3576322853-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\marys\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\marys\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\marys\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\marys\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\marys\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\marys\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\marys\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
FirewallRules: [TCP Query User{C7BCC820-BD93-4AD8-8EEE-7513DC6DCECE}C:\users\marys\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marys\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B0CDF0B1-4659-4FCA-BA58-BAA4AD0F4473}C:\users\marys\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marys\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 123
Average :
Sum : 9052863
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
VirusTotal: C:\ProgramData\{ybvuwci.uhn => https://www.virustotal.com/file/d0a2586 ... 563310903/
========================= File: C:\ProgramData\{ybvuwci.uhn ========================
C:\ProgramData\{ybvuwci.uhn
File not signed
MD5: 05D7668666B718C41F8CE57C65F5265E
Creation and modification date: 2019-06-29 21:55 - 2019-06-29 21:55
Size: 000012554
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
C:\ProgramData\{ybvuwci.uhn => moved successfully
C:\ProgramData\678759991 => moved successfully
HKU\S-1-5-21-1410936417-1045171731-3576322853-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
C:\Users\marys\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
C:\Users\marys\Application Data => ":6699d3ee8dd9cf775caae782c8f44f03" ADS removed successfully
"C:\Users\marys\Data aplikací" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\marys\Data aplikací" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found.
"C:\Users\marys\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\marys\AppData\Roaming" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7BCC820-BD93-4AD8-8EEE-7513DC6DCECE}C:\users\marys\appdata\local\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B0CDF0B1-4659-4FCA-BA58-BAA4AD0F4473}C:\users\marys\appdata\local\google\chrome\application\chrome.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 221651323 B
Java, Flash, Steam htmlcache => 417382243 B
Windows/system/drivers => 46484063 B
Edge => 3592743 B
Chrome => 487859922 B
Firefox => 113205581 B
Opera => 36231344 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 44092 B
LocalService => 0 B
NetworkService => 3614 B
NetworkService => 0 B
marys => 661431521 B
Administrator => 48702065 B
RecycleBin => 215142 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:04:25 ====
Re: Log check, problems with Malwarebytes
How does the PC look? Has anything changed, or are there still any problems?
Re: Log check, problems with Malwarebytes
Well, the only problem was that Malwarebytes threw up that first detection, the one in the first post, which scared me a lot. The PC is running fine so far. Thank you.
Re: Log check, problems with Malwarebytes
Yes, those detections looked like malware, but the PC should be clean now.
So let's clean up after the tools we used:
- Download DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Save it to the desktop and run it
- Leave the "Remove disinfection tools" option checked
- Click "Run"
Re: Log check, problems with Malwarebytes
Great, very handy, thank you. The log is probably not needed; it deleted all the tools and nothing extra.