Log check

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by lycantrop321 » 01 Feb 2021 19:21

Please check my log; something is blocking Czech, the firewall and Defender. Thanks.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:28, on 1. 2. 2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\lucka\Downloads\hijackthis (3).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: UESDK1.0 - Lenovo - C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10263 bytes

Re: Log check

Post by jaro3 » 01 Feb 2021 21:10

Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you only use Google Chrome, you don't need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
For Windows 7 owners, download here:
https://filehippo.com/download_adwcleaner/ (do not update!)

Save it to your desktop. Click "I agree" to confirm the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan, a log will appear and open (otherwise it is saved on the system disk as C:\AdwCleaner [C?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/

to your desktop, install it and run it.
- If the program is not up to date, click "Update now" or "Fix now".
- An update will be found and installed.
- Then click Start scan.
- When the scan finishes, a message will appear at the bottom right; click View report, choose Export, then choose Copy to clipboard and paste the entire log here. Or click "Text file (.txt)" and save the log.
- Otherwise the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the X at the top right.
(Don't delete anything yet!)
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Log check

Post by lycantrop321 » 02 Feb 2021 14:28

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-02-2021
# Duration: 00:00:42
# OS: Windows 8.1 Connected
# Scanned: 31956
# Detected: 79


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.VisualDiscovery C:\Program Files (x86)\Lenovo\VisualDiscovery

***** [ Files ] *****

PUP.Optional.VisualDiscovery C:\Windows\SysWOW64\VisualDiscovery.ini
PUP.Optional.Winsock.WnskRST C:\Windows\SysWOW64\VisualDiscoveryOff.ini
PUP.Optional.Winsock.WnskRST C:\Windows\System32\VisualDiscoveryOff.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\LENOVO\VisualDiscovery
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\CLASSES\APPID\VISUALDISCOVERY.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Active Setup\Installed Components\{981b174d-7733-4e7f-b89d-6545a7c21838}
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\Superfish Inc. VisualDiscovery
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\VisualDiscovery
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Superfish Inc. VisualDiscovery

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1
Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Folder C:\Users\lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\lucka\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0788641D-D31A-478D-BB34-C41564AE9F93}
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3117B53D-A409-4D99-A0DE-11A1A40696FA}
Preinstalled.LenovoPhoneCompanion Folder C:\Program Files\LENOVO PHONECOMPANION
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|PhoneCompanion
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PhoneCompanion
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Preinstalled.LenovoPhotoMaster File C:\Users\Public\Desktop\Lenovo Photo Master.lnk
Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}
Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Preinstalled.LenovoPower2Go File C:\Users\Public\Desktop\CyberLink Power2Go.lnk
Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPowerDVD File C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\SHAREit.lnk
Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
Preinstalled.LenovoUpdate File C:\Users\Public\Desktop\Lenovo Updates.lnk
Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\LENOVO UPDATES
Preinstalled.LenovoUpdate Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\LENOVO UPDATES
Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}
Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Log check

Post by lycantrop321 » 02 Feb 2021 14:51

Date Time Tick Count Process ID Thread ID Log Level Context Tag Function Name File Name Line Number Message
02/02/21 " 14:32:03.381" 1115328 1a18 1978 INFO LogController CLogController::Start "logcontroller.cpp" 93 "Started logging"
02/02/21 " 14:32:03.381" 1115328 1a18 1978 INFO LogController CLogController::Start "logcontroller.cpp" 95 "Local time zone: 'Central Europe Standard Time' (UTC+01:00)"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 421 "Service Controller starting controller initialization"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 422 "Product code MBAM-C"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 423 "Product version 4.3.0.98"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 424 "Product build consumer"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 425 "MBAMService.exe version 3.2.0.943"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 426 "OS Version Windows 8.1"
02/02/21 " 14:32:03.389" 1115343 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 431 "Service start requested with startTray set to: 1"
02/02/21 " 14:32:03.653" 1115609 1a18 1978 WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadConfig "policiesconfighandler.cpp" 413 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\PoliciesConfig.json. Using default values."
02/02/21 " 14:32:04.040" 1115984 1a18 1978 INFO PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::ShellExtensionControl "policiesconfighandler.cpp" 1216 "Shell extension registered."
02/02/21 " 14:32:04.040" 1115984 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "servicecontrollerimplementation.cpp" 2286 "Policies Controller Started"
02/02/21 " 14:32:04.040" 1115984 1a18 1978 INFO LicenseControllerCOM CLicenseController::Start "licensecontroller.cpp" 98 "CLicenseController::Start"
02/02/21 " 14:32:04.377" 1116328 1a18 1978 INFO LicenseControllerImpl mb::licensecontrollerimpl::CLicenseControllerImpl::Initialize "licensecontrollerimplhelper.cpp" 51 "Client version (4.3.0) LicenseControllerImpl.dll (3.2.0.417)"
02/02/21 " 14:32:04.633" 1116578 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "servicecontrollerimplementation.cpp" 2316 "License Controller Started"
02/02/21 " 14:32:04.905" 1116859 1a18 1978 WARNING UpdateControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFileEx "jsonutilities.h" 86 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json"
02/02/21 " 14:32:04.905" 1116859 1a18 1978 WARNING UpdateControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "jsonutilities.h" 42 "Failed reading file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json, error 2. Will try reading from the backup if it exists."
02/02/21 " 14:32:04.905" 1116859 1a18 1978 ERROR FileSystemUtils mb::common::io::FileSystemUtils::Copy "filesystemutils.cpp" 99 "File not found: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json.bak"
02/02/21 " 14:32:04.905" 1116859 1a18 1978 ERROR UpdateControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "jsonutilities.h" 65 "Copy from backup failed for file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json.bak"
02/02/21 " 14:32:04.905" 1116859 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ReadConfig "updatecontrollerimplhelper.cpp" 465 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json not found; using default values"
02/02/21 " 14:32:05.001" 1116953 1a18 1978 WARNING UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "updatecontrollerimplhelper.cpp" 250 "Controller package version is 1.0.0 - config file may have reset"
02/02/21 " 14:32:05.073" 1117031 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetInitialPackageVersions "updatecontrollerimplhelper.cpp" 2973 "Setting initial package versions"
02/02/21 " 14:32:05.281" 1117234 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetInitialPackageVersions "updatecontrollerimplhelper.cpp" 3029 "Setting DB publication date"
02/02/21 " 14:32:05.433" 1117390 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "updatecontrollerimplhelper.cpp" 363 "COMPONENT PACKAGE VERSION: 1.0.1157, DB PACKAGE VERSION: 1.0.36625"
02/02/21 " 14:32:05.649" 1117593 1a18 1978 WARNING IrisImpl mb::common::json::JSONUtilities::ReadJSONFromFileEx "jsonutilities.h" 86 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\IrisData.json"
02/02/21 " 14:32:05.649" 1117593 1a18 1978 WARNING IrisImpl mb::common::json::JSONUtilities::ReadJSONFromFile "jsonutilities.h" 42 "Failed reading file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\IrisData.json, error 2. Will try reading from the backup if it exists."
02/02/21 " 14:32:05.649" 1117593 1a18 1978 ERROR FileSystemUtils mb::common::io::FileSystemUtils::Copy "filesystemutils.cpp" 99 "File not found: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\IrisData.json.bak"
02/02/21 " 14:32:05.649" 1117593 1a18 1978 ERROR IrisImpl mb::common::json::JSONUtilities::ReadJSONFromFile "jsonutilities.h" 65 "Copy from backup failed for file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\IrisData.json.bak"
02/02/21 " 14:32:05.857" 1117812 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 4971 "Signature successfully validated"
02/02/21 " 14:32:06.249" 1118203 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "irisimpl.cpp" 966 "Doing immediate Iris check"
02/02/21 " 14:32:06.249" 1118203 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "irisimpl.cpp" 997 "Checking for message updates from Iris"
02/02/21 " 14:32:06.249" 1118203 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "irisimpl.cpp" 125 "Entering IrisCheck. Checking with Iris for messages."
02/02/21 " 14:32:06.249" 1118203 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 156 "Entering SendIrisRequest with URL (https://iris.mwbsys.com/api/v2/messages ... _mode=true)."
02/02/21 " 14:32:06.249" 1118203 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 188 "Sending Request to Iris Server."
02/02/21 " 14:32:06.865" 1118812 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 210 "Response from Iris: {""message_collections"":[{""id"":1948,""slug"":""expt7_7day_trial_tray"",""description"":""EXPT-7: 7-Day Trial - Tray Notifications"",""collection_target_id"":106,""conditions"":[{""rank"":""0"",""ref_id"":""f1c9b820"",""messages"":[2014],""matching_conditions"":[{""matching_operator"":""eq"",""matching_condition"":""Trial"",""conditional_parameter"":""license_state""},{""matching_operator"":""eq"",""matching_condition"":""en"",""conditional_parameter"":""settings_language""},{""matching_operator"":""geq"",""matching_condition"":""2021-01-29T12:00:00Z"",""conditional_parameter"":""date_of_clean_installation""},{""matching_operator"":""eq"",""matching_condition"":""1157"",""conditional_parameter"":""component_version_patch""},{""matching_operator"":""geq"",""matching_condition"":""0"",""conditional_parameter"":""default_cohort_group_id""},{""matching_operator"":""leq"",""matching_condition"":""4999"",""conditional_parameter"":""default_cohort_group_id""}]},{""rank"":""1"",""ref_id"":""1f6ffdd0"",""messages"":[2014],""matching_conditions"":[{""matching_operator"":""eq"",""matching_condition"":""Free"",""conditional_parameter"":""license_state""},{""matching_operator"":""eq"",""matching_condition"":""en"",""conditional_parameter"":""settings_language""},{""matching_operator"":""geq"",""matching_condition"":""2021-01-29T12:00:00Z"",""conditional_parameter"":""date_of_clean_installation""},{""matching_operator"":""eq"",""matching_condition"":""1157"",""conditional_parameter"":""component_version_patch""},{""matching_operator"":""geq"",""matching_condition"":""0"",""conditional_parameter"":""default_cohort_group_id""},{""matching_operator"":""leq"",""matching_condition"":""4999"",""conditional_parameter"":""default_cohort_group_id""},{""matching_operator"":""eq"",""matching_condition"":""true"",""conditional_parameter"":""li
cense_trial_available""}]},{""rank"":""2"",""ref_id"":""d94cdae6"",""messages"":[2015],""matching_conditions"":[{""matching_operator"":""eq"",""matching_condition"":""Trial"",""conditional_parameter"":""license_state""},{""matching_operator"":""eq"",""matching_condition"":""en"",""conditional_parameter"":""settings_language""},{""matching_operator"":""geq"",""matching_condition"":""2021-01-29T12:00:00Z"",""conditi"
02/02/21 " 14:32:06.865" 1118812 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 218 "SendRequest returned with statusCode [200]."
02/02/21 " 14:32:06.865" 1118812 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessIrisResponse "irisimpl.cpp" 428 "Processing Iris Response..."
02/02/21 " 14:32:06.945" 1118890 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 581 "Checking for Iris content files"
02/02/21 " 14:32:06.945" 1118890 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\TrayPlugin.EXPT-7-CU26.x64.dll"
02/02/21 " 14:32:07.257" 1119203 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\UIPlugin.EXPT-7-CU26.x64.dll"
02/02/21 " 14:32:07.609" 1119562 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\UIPlugin.EXPT-71-CU26.x64.dll"
02/02/21 " 14:32:07.865" 1119812 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\UIPlugin.EXPT-133-CU22.x64.dll"
02/02/21 " 14:32:08.065" 1120015 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 4975 "DB manifest successfully validated"
02/02/21 " 14:32:08.065" 1120015 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "updatecontrollerimplhelper.cpp" 5278 "Validated DB manifest - success"
02/02/21 " 14:32:08.073" 1120031 1a18 1978 WARNING UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 4959 "Manifest file not found: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\lkg_db\dbmanifest2.dat"
02/02/21 " 14:32:08.073" 1120031 1a18 1978 WARNING UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "updatecontrollerimplhelper.cpp" 5283 "DB manifest validation failed!"
02/02/21 " 14:32:08.129" 1120078 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\UIPlugin.EXPT-97-CU20.x64.dll"
02/02/21 " 14:32:08.305" 1120250 1a18 1978 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetMinSupportedCULevel "updatecontrollerimplhelper.cpp" 5961 "Minimum supported Component (CU) package version is: 1.0.1120"
02/02/21 " 14:32:08.305" 1120250 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "servicecontrollerimplementation.cpp" 2373 "Update Controller Started"
02/02/21 " 14:32:08.305" 1120250 1a18 1978 INFO CloudController CCloudController::Start "cloudcontroller.cpp" 101 "CCloudController::Initialize"
02/02/21 " 14:32:08.521" 1120468 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\UIPlugin.EXPT-97-CU16.x64.dll"
02/02/21 " 14:32:08.657" 1120609 1a18 1978 INFO CloudCtrlImpl Initialize "cloudcontrollerimpl.cpp" 58 "CC Initialize called"
02/02/21 " 14:32:08.665" 1120609 1a18 1978 WARNING CloudCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFileEx "jsonutilities.h" 86 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json"
02/02/21 " 14:32:08.665" 1120609 1a18 1978 WARNING CloudCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "jsonutilities.h" 42 "Failed reading file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json, error 2. Will try reading from the backup if it exists."
02/02/21 " 14:32:08.665" 1120609 1a18 1978 ERROR FileSystemUtils mb::common::io::FileSystemUtils::Copy "filesystemutils.cpp" 99 "File not found: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json.bak"
02/02/21 " 14:32:08.665" 1120609 1a18 1978 ERROR CloudCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "jsonutilities.h" 65 "Copy from backup failed for file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json.bak"
02/02/21 " 14:32:08.665" 1120609 1a18 1978 INFO CloudCtrlImpl CloudControllerImplHelper::ReadConfig "cloudcontrollerimplhelper.cpp" 4032 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json not found; using default values"
02/02/21 " 14:32:09.051" 1121000 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\mbam_scanresults_r01_drawer.1.0.0.x64.dll"
02/02/21 " 14:32:09.291" 1121250 1a18 15a8 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 611 "Downloading IRIS QML file: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\IrisPlugins\mbam_modal_hdyhau.1.0.10.x64.dll"
02/02/21 " 14:32:09.363" 1121312 1a18 1978 INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "servicecontrollerimplementation.cpp" 2404 "Cloud Controller Started"

Re: Log check

Post by lycantrop321 » 02 Feb 2021 14:52

Do you mean this log for Malwarebytes? There's a ton of stuff in there.

Re: Log check

Post by lycantrop321 » 02 Feb 2021 15:25

I've got it now
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/2/21
Scan Time: 3:18 PM
Log File: 8d204176-6561-11eb-83a8-507b9d91ec18.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1157
Update Package Version: 1.0.36625
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lenovo-PC\lucka

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 221291
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 4 min, 1 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Re: Log check

Post by lycantrop321 » 02 Feb 2021 15:27

Damn, but the first time I ran it, it found 50 items and I put them in quarantine, and the second time it found nothing. Is that bad?

jaro3
Security team member
Guru Level 15
Posts: 43060
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check

Post by jaro3 » 02 Feb 2021 16:42

Hopefully not, but run it once more to see whether it has come back.

+
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan finishes click "Quarantine".

The program will perform the repair; after the automatic restart, click "Log file" and then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Log check

Post by lycantrop321 » 02 Feb 2021 17:48

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-02-2021
# Duration: 00:00:03
# OS: Windows 8.1 Connected
# Cleaned: 11
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
Deleted HKLM\Software\Wow6432Node\LENOVO\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\\Microsoft\Active Setup\Installed Components\{981b174d-7733-4e7f-b89d-6545a7c21838}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Superfish Inc. VisualDiscovery

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10297 octets] - [02/02/2021 14:20:17]
AdwCleaner[S01].txt - [8442 octets] - [02/02/2021 17:46:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Log check

Post by lycantrop321 » 02 Feb 2021 17:59

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Connected x64
Ran by lucka (Administrator) on £t 02. 02. 2021 at 17:52:09,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 4

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\VDWFP (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2B2489C6-450C-4C75-AE03-5600D36E818A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on £t 02. 02. 2021 at 17:57:29,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Log check

Post by jaro3 » 02 Feb 2021 18:09

Malwarebytes once more.

+
Sophos Virus Removal Tool is a handy software tool that could remove infections that your antivirus program does not detect.
Download it here from one of these links:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you may not even know you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove the viruses it finds. A restart may be required.
If viruses were found, after the scan click "Details…" and then "View log file". Copy the entire log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10 run RogueKiller.exe as administrator; on XP, run it by double-clicking.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then in the window click "Open TXT" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still cannot be started and run, rename it to winlogon.exe.
- If the log has more than 60,000 characters, split it and paste it into multiple posts.

Re: Log check

Post by lycantrop321 » 02 Feb 2021 18:17

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/2/21
Scan Time: 6:11 PM
Log File: ba1d2744-6579-11eb-8a09-507b9d91ec18.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1157
Update Package Version: 1.0.36627
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lenovo-PC\lucka

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 221449
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
nothing here

