
Please check my log, my email password was leaked

Posted: 12 Jul 2024 09:14
by coura
Hello,
please check my log, thank you very much
FRST.zip
(24.5 KiB) Downloaded 52 times

Re: Please check my log, my email password was leaked

Posted: 12 Jul 2024 12:12
by Rudy
Hello!
The first measure is to change the affected password. Then run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Please check my log, my email password was leaked

Posted: 12 Jul 2024 12:32
by coura
According to the log it's clean; it only offered a scan :(

Code:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-12-2024
# Duration: 00:00:04
# OS:       Windows 11 (Build 22631.3737)
# Scanned:  32107
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoServiceBridge   Folder   C:\Users\jkkoc\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE 
Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1 
Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE 
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08} 
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1 


AdwCleaner[S00].txt - [1972 octets] - [12/07/2024 13:29:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: Please check my log, my email password was leaked

Posted: 12 Jul 2024 13:49
by Rudy
Yep. The Preinstalled entries are Lenovo utilities. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3199377002-728603182-1310565619-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jkkoc\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3199377002-728603182-1310565619-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jkkoc\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3199377002-728603182-1310565619-1001\...\RunOnce: [Uninstall 24.111.0602.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jkkoc\AppData\Local\Microsoft\OneDrive\24.111.0602.0003" [0 2024-07-02] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {842A9EAD-64C2-4444-9A78-387F9C0AB9E0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{85EC677E-F3FD-47FF-ABB0-9794D36D41E0} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
CustomCLSID: HKU\S-1-5-21-3199377002-728603182-1310565619-1001_Classes\CLSID\{99797075-2ec2-4592-b4e1-8e2d2107de07}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
ShellExecuteHooks-x32: No Name - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - -> No File
AlternateDataStreams: C:\Users\jkkoc\Downloads\Svatba:com.dropbox.attrs [54]
BHO: No Name -> {24B1ECCE-C23F-498E-8347-AE074A4FB8CF}' -> No File
BHO-x32: No Name -> {24B1ECCE-C23F-498E-8347-AE074A4FB8CF}' -> No File

EmptyTemp:
End
Save it to C:\Users\jkkoc\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
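
Added example, not part of the thread and not Malwarebytes' code: a small parser for the AdwCleaner scan-log layout posted above that separates "Preinstalled Software" entries from entries in any other section and checks the total against the "Detected" header. The sample log is constructed (placeholder user name, shortened), and the assumption that "Detected" also counts preinstalled entries comes only from the log in this thread (Detected: 5, five Preinstalled lines).

```python
import re

# Constructed sample in the layout of the scan log posted in this thread
# (shortened; the user name is a placeholder).
SAMPLE_LOG = r"""
# Mode: Scan
# Scanned:  32107
# Detected: 3

***** [ Services ] *****

No malicious services found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoServiceBridge   Folder   C:\Users\example\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1

AdwCleaner[S00].txt - [1972 octets] - [12/07/2024 13:29:32]
"""

HEADER = re.compile(r"^# (\w+):\s+(.*)$")
SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")

def parse_adwcleaner_log(text):
    """Return (header dict, {section name: [entry columns, ...]})."""
    header, sections, current = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if m := HEADER.match(line):
            header[m.group(1)] = m.group(2)
        elif m := SECTION.match(line):
            current = m.group(1)
            sections[current] = []
        elif current and not line.startswith("#"):
            cols = re.split(r"\s{3,}", line)
            if len(cols) >= 2:          # entries are columns split by 3+ spaces
                sections[current].append(tuple(cols))
    return header, sections

def triage(text):
    """Separate vendor-preinstalled entries from everything else."""
    header, sections = parse_adwcleaner_log(text)
    pre = sections.get("Preinstalled Software", [])
    other = {s: e for s, e in sections.items() if e and s != "Preinstalled Software"}
    found = len(pre) + sum(len(e) for e in other.values())
    return {"mode": header.get("Mode"), "preinstalled": len(pre), "other": other,
            "count_matches_header": found == int(header.get("Detected", -1))}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

An empty `other` with a matching count means every detection is a vendor utility; a mismatch means the log was truncated or has entries the parser did not recognise and should be read by hand.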