Prosím o kontrolu Logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 22 úno 2021 19:36

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 22.02.21
Čas skenování: 19:08
Logovací soubor: e94c9daa-7538-11eb-bbc6-18c04d4d2549.json

-Informace o softwaru-
Verze: 4.3.0.98
Verze komponentů: 1.0.1173
Aktualizovat verzi balíku komponent: 1.0.37397
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19042.685)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-73CVO93\počítač

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 267334
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 17 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Reklama
Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 22 úno 2021 19:37

RogueKiller Anti-Malware V14.8.5.0 (x64) [Feb 12 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19042) 64 bits
Started in : Normal mode
User : po?íta? [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210222_102815, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/02/22 19:29:58 (Duration : 00:03:54)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
[PUP.InnovativeSolutions (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Innovative Solutions -- N/A -> Found
[PUP.InnovativeSolutions (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-3460323731-991323446-3131711751-1002\Software\Innovative Solutions -- N/A -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.InnovativeSolutions (Potentially Malicious)] (folder) Innovative Solutions -- C:\Users\po?íta?\AppData\Local\Innovative Solutions -> Found
[PUP.DriverToolkit (Potentially Malicious)] (shortcut) $R0TVW6T.lnk -- C:\$Recycle.Bin\S-1-5-21-3460323731-991323446-3131711751-1001\$R0TVW6T.lnk => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 22 úno 2021 19:37

Sophos nic nenašel.
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jaro3 » 22 úno 2021 20:26

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
https://uloz.to/file/nFH1LwSrGioP/zoek1-rar

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.


Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vlož nový log z HJT + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 08:08

RogueKiller Anti-Malware V14.8.5.0 (x64) [Feb 12 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19042) 64 bits
Started in : Normal mode
User : po?íta? [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210222_102815, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2021/02/23 08:02:48 (Duration : 00:03:57)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.InnovativeSolutions (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Innovative Solutions -- -> Deleted
[PUP.InnovativeSolutions (Potentially Malicious)] HKEY_USERS\S-1-5-21-3460323731-991323446-3131711751-1002\Software\Innovative Solutions -- -> Deleted
[PUP.InnovativeSolutions (Potentially Malicious)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Deleted
=> checker6 -- C:\Users\POTA~1\AppData\Local\INNOVA~1\checker6 -> Deleted
[PUP.DriverToolkit (Potentially Malicious)] $R0TVW6T.lnk -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3460323731-991323446-3131711751-1001\$R0TVW6T.lnk (lnk => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe []) -> Deleted
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 08:30

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by poźˇtaź on 23.02.2021 at 8:10:41,35.
Microsoft Windows 10 Home 10.0.19042 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\POTA~1\Desktop\zoek1\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.02.2021 8:11:40 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\POTA~1\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\POTA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6mlx54s.default-release\prefs.js:

Added to C:\Users\POTA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6mlx54s.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\POTA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6mlx54s.default-release

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- FireFox user.js and prefs.js backups ----

prefs__0820_.backup

==== Deleting Files \ Folders ======================

C:\Windows\SysNative\config\systemprofile\AppData\Local\CM25FD6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c2ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c2be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c2df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c2f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c303.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c314.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c326.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c376.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c388.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c399.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c3bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c3cc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c3de.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c3ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c401.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c422.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c424.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c436.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d6c-20d0-18c457.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe44.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe58.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe5a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe5e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe6f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe71.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe73.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe85.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe87.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe89.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe8b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe9d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fe9f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fea1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24fea3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24feb4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e98-b28-24feb6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5ba8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5baa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bbc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bc0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bd2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bd4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bd6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5be7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5be9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5beb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bfd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5bff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5c01.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5c12.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5c14.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5c16.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5c28.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1edc-e98-1e5c2a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9acdc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9acde.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ace0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9acf1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9acf3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9acf5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad07.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad28.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad2a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad2c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad2e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad40.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad42.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad44.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad57.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad69.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad6b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20f8-2074-9ad6d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf26.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf3a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf4b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf4d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf4f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf61.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf63.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf65.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf78.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf7a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf7c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf7e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbdf90.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbe0da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbe783.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbe7d3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2600-2004-3fbe843.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f70.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f72.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f85.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f87.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f89.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f8b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f8d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11f9f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11fa1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11fa3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11fa5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11fa7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11fb8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-690-68c-11fba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d7b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d7d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d8f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d91.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0d93.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0da5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0da7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0da9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dbc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dc0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dc2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dc4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dd6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dd8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-6a8-1124-b6d0dda.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8bd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8bf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8d0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8d2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8d6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8e8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8ea.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8ec.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8ee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d8f0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d901.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d903.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d905.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d907.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d919.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-7e0-df8-14d91b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2705bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2705de.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2705ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2705f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-270613.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-270615.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-270617.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-270628.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-27062a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-27062c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-27067c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-27067e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-270680.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-270692.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2706b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2706b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2706c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2706f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b28-44c-2706fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143620.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143631.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143633.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143635.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143647.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143649.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14364b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14364d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14365e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143660.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143662.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143674.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143686.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-143688.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14368a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14368c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14369d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-14369f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f54-1e68-1436a1.tmp deleted
"C:\DumpStack.log.tmp" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\POTA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6mlx54s.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Chrome Media Router - POTA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\POTA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\POTA~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\POTA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\POTA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\POTA~1\AppData\Local\Mozilla\Firefox\Profiles\d6mlx54s.default-release\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\POTA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\POTA~1\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=190 47603 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\POTA~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\POTA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on 23.02.2021 at 8:23:43,42 ======================
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 08:31

Zemana AntiMalware nic nenašel.
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 08:38

HJT pokaždé vyhodí chybovou hlášku (viz příloha), ale to dělal i předtím. Po kliknutí na OK kontrola pokračuje dále.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:33:54, on 23.02.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Users\počítač\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Users\počítač\Downloads\hijackthis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\počítač\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1e3111ee138b283\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1e3111ee138b283\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_36594 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\88.0.4324.182\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d392adf622e242f6\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxCUIService.exe
O23 - Service: @oem15.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service: @oem15.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8919 bytes
Přílohy
Snímek obrazovky (2).png
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 08:50

Hlavní problém stále přetrvává. Při pokusu o stažení .pps souboru z přílohy mailu https://vmail.centrum.cz/ a jeho pokusu o otevření začne prohlížeč vytvářet spoustu oken, které mají v URL řádku nějakou cestu do složky Users atd. Když však soubor napřed uložím a pak ručně otevřu, tak se vytvoří pouze jedno okno s tou samou cestou. V PC není nainstalován office, takže se .pps soubory počítač snaží otevírat v prohlížeči. Jak Office, tak i aktivační kód Windows plánuji v brzké době zakoupit, ale právě jsem si radši chtěl počítač nechat odvirovat, aby peníze za licence nebyly vyhozené...
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jaro3 » 23 úno 2021 16:35

HJT- je třeba spouštět jako správce.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost


Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 17:45

----------------------------------------------------------------------------
CrystalDiskInfo 8.11.0 (C) 2008-2021 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 19042] (x64)
Date : 2021/02/23 17:40:20

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- ASUS DRW-24D5MT
- WDC WDS500G2B0A-00SM50
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(01) WDC WDS500G2B0A-00SM50 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(01) WDC WDS500G2B0A-00SM50
----------------------------------------------------------------------------
Model : WDC WDS500G2B0A-00SM50
Firmware : 415000WD
Serial Number : 20420F809599
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-4
Minor Version : ACS-4 Revision 5
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 27 hod.
Power On Count : 79 krát
Host Reads : 209 GB
Host Writes : 214 GB
NAND Writes : 155 GB
Temperature : 31 C (87 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., APM, NCQ, TRIM, DevSleep
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 __0 000000000000 Reassigned Block Count
09 100 100 __0 00000000001B Power On Hours
0C 100 100 __0 00000000004F Power Cycle Count
A5 100 100 __0 0000002F0021 Block Erase Count (SLC)
A6 100 100 __0 000000000000 Minimum P/E Cycles
A7 100 100 __0 000000000057 Maximum Bad Blocks per die
A8 100 100 __0 000000000001 Maximum P/E Cycles
A9 100 100 __0 000000000101 Total Bad Block
AA 100 100 __0 000000000000 Grown Bad Blocks
AB 100 100 __0 000000000000 Program Fail Count
AC 100 100 __0 000000000000 Erase Fail Count
AD 100 100 __0 000000000000 Average P/E Cycles
AE 100 100 __0 000000000011 Unexpected Power Loss Count
B8 100 100 __0 000000000000 End-to-End Error Detection/Correction Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 100 __0 000000000000 Command Timeout Count
C2 _69 _40 __0 00280011001F Temperature
C7 100 100 __0 000000000000 CRC Error Count
E6 __1 __1 __0 000600000006 Media Wearout Indicator
E8 100 100 __4 000000000064 Available Reserve Space
E9 100 100 __0 00000000009B NAND GB Written
EA 100 100 __0 0000000000F6 NAND GB Written (SLC)
F1 253 253 __0 0000000000D6 Total GB Written
F2 253 253 __0 0000000000D1 Total GB Read
F4 __0 100 __0 000000000000 Temperature Throttle Status

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3230 3432 3046 3830 3935 3939 2020 2020 2020 2020
020: 0000 0000 0000 3431 3530 3030 5744 5744 4320 2057
030: 4453 3530 3047 3242 3041 2D30 3053 4D35 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4000 0200 0000 0006 3FFF 0010 003F FC10 00FB 9101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D20
070: 0000 0000 0000 0000 0000 001F 850E 0006 016C 0040
080: 0FF0 005E 306B 7409 4123 3069 B409 4123 017F 0001
090: 0001 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0008 4000 0000 5001 B448
110: BB05 AC3F 0000 0000 0000 0000 0000 0000 0000 411C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 4131 3030 3442 5744 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0001
170: 0000 0000 0000 0000 0000 0000 2020 2020 2020 2020
180: 2020 2020 2020 2020 2020 2020 2020 2020 2020 2020
190: 2020 2020 2020 2020 2020 2020 2020 2020 2020 2020
200: 2020 2020 2020 2020 2020 2020 0000 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 11FF 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B0A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 00 05 32 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 64 64 1B 00 00 00 00 00 00 0C 32 00 64 64 4F
020: 00 00 00 00 00 00 A5 32 00 64 64 21 00 2F 00 00
030: 00 00 A6 32 00 64 64 00 00 00 00 00 00 00 A7 32
040: 00 64 64 57 00 00 00 00 00 00 A8 32 00 64 64 01
050: 00 00 00 00 00 00 A9 32 00 64 64 01 01 00 00 00
060: 00 00 AA 32 00 64 64 00 00 00 00 00 00 00 AB 32
070: 00 64 64 00 00 00 00 00 00 00 AC 32 00 64 64 00
080: 00 00 00 00 00 00 AD 32 00 64 64 00 00 00 00 00
090: 00 00 AE 32 00 64 64 11 00 00 00 00 00 00 B8 32
0A0: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
0B0: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
0C0: 00 00 C2 22 00 45 28 1F 00 11 00 28 00 00 C7 32
0D0: 00 64 64 00 00 00 00 00 00 00 E6 32 00 01 01 06
0E0: 00 00 00 06 00 00 E8 33 00 64 64 64 00 00 00 00
0F0: 00 00 E9 32 00 64 64 9B 00 00 00 00 00 00 EA 32
100: 00 64 64 F6 00 00 00 00 00 00 F1 30 00 FD FD D6
110: 00 00 00 00 00 00 F2 30 00 FD FD D1 00 00 00 00
120: 00 00 F4 32 00 00 64 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11
170: 03 00 01 00 02 0A 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 97

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 E8 04 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD

Václav Polák
Level 2.5
Level 2.5
Příspěvky: 345
Registrován: prosinec 20
Bydliště: Praha
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod Václav Polák » 23 úno 2021 17:46

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2021
Ran by počítač (administrator) on DESKTOP-73CVO93 (Gigabyte Technology Co., Ltd. B460MD2V) (23-02-2021 17:42:46)
Running from C:\Users\počítač\Desktop
Loaded Profiles: počítač
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis, Inc -> ) C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d392adf622e242f6\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1e3111ee138b283\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1e3111ee138b283\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\počítač\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1077176 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-10-23] (Acronis, Inc -> Acronis)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2615624 2007-10-23] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [906648 2007-10-23] (Acronis, Inc -> Acronis)
HKLM\...\Windows x64\Print Processors\Canon iP3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD99.DLL [30208 2012-08-27] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP3600 series: C:\Windows\system32\CNMLM99.DLL [385024 2012-08-27] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-22] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 relog_ap

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {60FF05C0-C780-409C-A881-DABBF25FECF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-19] (Google LLC -> Google LLC)
Task: {AA38D19A-8FBE-40C5-A886-3E2C55464837} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {BFF6D214-7823-4961-9293-24D38AB14000} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-19] (Google LLC -> Google LLC)
Task: {D8648741-24A7-48D5-9BFE-28465CD36372} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {ED0AFDF0-30A0-4820-946A-6C932AABE739} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{42328839-8b97-42d5-b17e-fc7d1dd04e2a}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF DefaultProfile: 21jata7c.default
FF ProfilePath: C:\Users\počítač\AppData\Roaming\Mozilla\Firefox\Profiles\21jata7c.default [2020-12-21]
FF ProfilePath: C:\Users\počítač\AppData\Roaming\Mozilla\Firefox\Profiles\d6mlx54s.default-release [2021-02-23]
FF DownloadDir: C:\Users\počítač\Downloads
FF NewTab: Mozilla\Firefox\Profiles\d6mlx54s.default-release -> about:newtab

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [599320 2007-10-23] (Acronis, Inc -> Acronis)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13686592 2021-02-12] (Adlice -> )
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [495832 2007-10-23] (Acronis, Inc -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2021-02-23] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 2002-09-16] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49552 2021-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [419040 2021-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-23 17:42 - 2021-02-23 17:43 - 000009871 _____ C:\Users\počítač\Desktop\FRST.txt
2021-02-23 17:42 - 2021-02-23 17:42 - 000000000 ____D C:\FRST
2021-02-23 17:41 - 2021-02-23 17:41 - 002301440 _____ (Farbar) C:\Users\počítač\Desktop\FRST64.exe
2021-02-23 17:40 - 2021-02-23 17:40 - 000001828 _____ C:\Users\počítač\Desktop\CrystalDiskInfo.lnk
2021-02-23 17:40 - 2021-02-23 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-23 17:40 - 2021-02-23 17:40 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-23 17:40 - 2021-02-23 17:40 - 000000000 _____ C:\Users\počítač\Desktop\crystal disk.txt
2021-02-23 17:39 - 2021-02-23 17:39 - 004707568 _____ (Crystal Dew World ) C:\Users\počítač\Downloads\CrystalDiskInfo8_11_0.exe
2021-02-23 17:38 - 2021-02-23 17:38 - 000000000 ____D C:\Users\počítač\Desktop\backups
2021-02-23 08:47 - 2021-02-23 08:47 - 001121280 _____ C:\Users\počítač\Downloads\Matematicka_krasa-1(1).pps
2021-02-23 08:44 - 2021-02-23 08:44 - 003113984 _____ C:\Users\počítač\Downloads\Tadž_Mahal_zevnitř(1)(1).pps
2021-02-23 08:43 - 2021-02-23 08:43 - 003113984 _____ C:\Users\počítač\Downloads\Tadž_Mahal_zevnitř.pps
2021-02-23 08:43 - 2021-02-23 08:43 - 003113984 _____ C:\Users\počítač\Downloads\Tadž_Mahal_zevnitř(1).pps
2021-02-23 08:32 - 2021-02-23 08:32 - 000388608 _____ (Trend Micro Inc.) C:\Users\počítač\Desktop\hijackthis(1).exe
2021-02-23 08:25 - 2021-02-23 17:43 - 001591349 _____ C:\Windows\ZAM.krnl.trace
2021-02-23 08:25 - 2021-02-23 08:25 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2021-02-23 08:25 - 2021-02-23 08:25 - 000003562 _____ C:\Windows\system32\Tasks\AMHelper
2021-02-23 08:25 - 2021-02-23 08:25 - 000000000 ____D C:\Users\počítač\AppData\Local\Zemana
2021-02-23 08:25 - 2021-02-23 08:25 - 000000000 ____D C:\Users\počítač\AppData\Local\AMSDK
2021-02-23 08:25 - 2021-02-23 08:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-02-23 08:25 - 2021-02-23 08:25 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-02-23 08:24 - 2021-02-23 08:24 - 012795472 _____ (Zemana Ltd. ) C:\Users\počítač\Desktop\AntiMalware_Setup.exe
2021-02-23 08:24 - 2021-02-23 08:24 - 000024266 _____ C:\Users\počítač\Desktop\zoek.txt
2021-02-23 08:23 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2021-02-23 08:10 - 2021-02-23 08:21 - 000000000 ____D C:\zoek_backup
2021-02-23 08:10 - 2021-02-23 08:10 - 000000000 ____D C:\Users\počítač\Desktop\zoek1
2021-02-23 08:10 - 2021-02-23 08:10 - 000000000 ____D C:\Users\počítač\AppData\Local\CrashDumps
2021-02-23 08:04 - 2021-02-23 08:04 - 001800862 _____ C:\Users\počítač\Desktop\zoek1.rar
2021-02-23 08:03 - 2021-02-23 08:03 - 000001295 _____ C:\Users\počítač\Desktop\rogue killer.txt
2021-02-22 19:28 - 2021-02-22 19:33 - 000000000 ____D C:\ProgramData\RogueKiller
2021-02-22 19:28 - 2021-02-22 19:28 - 040494928 _____ (Adlice Software ) C:\Users\počítač\Desktop\RogueKiller_setup.exe
2021-02-22 19:28 - 2021-02-22 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-02-22 19:28 - 2021-02-22 19:28 - 000000000 ____D C:\Program Files\RogueKiller
2021-02-22 19:17 - 2021-02-22 19:02 - 000001857 _____ C:\Users\počítač\Desktop\AdwCleaner[C01].txt
2021-02-22 19:12 - 2021-02-22 19:12 - 000000000 ____D C:\ProgramData\Sophos
2021-02-22 19:12 - 2021-02-22 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2021-02-22 19:12 - 2021-02-22 19:12 - 000000000 ____D C:\Program Files (x86)\Sophos
2021-02-22 19:10 - 2021-02-22 19:11 - 206758184 _____ (Sophos Limited) C:\Users\počítač\Downloads\Sophos Virus Removal Tool.exe
2021-02-22 19:08 - 2021-02-22 19:08 - 000001679 _____ C:\Users\počítač\Desktop\malwarebytes1.txt
2021-02-22 19:06 - 2021-02-22 19:06 - 000000873 _____ C:\Users\počítač\Desktop\JRT.txt
2021-02-22 19:04 - 2021-02-22 19:04 - 001790024 _____ (Malwarebytes) C:\Users\počítač\Desktop\JRT.exe
2021-02-22 18:52 - 2021-02-22 18:52 - 000000000 ____D C:\Users\počítač\AppData\Local\Comms
2021-02-22 18:36 - 2021-02-22 18:36 - 000003775 _____ C:\Users\počítač\Desktop\malwarebytes.txt
2021-02-22 18:35 - 2021-02-22 18:35 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-22 18:35 - 2021-02-22 18:35 - 000000000 ____D C:\Users\počítač\AppData\Local\mbam
2021-02-22 18:34 - 2021-02-22 18:34 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-22 18:34 - 2021-02-22 18:34 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-02-22 18:34 - 2021-02-22 18:34 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-02-22 18:34 - 2021-02-22 18:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-22 18:34 - 2021-02-22 18:34 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-22 18:33 - 2021-02-22 18:33 - 002084016 _____ (Malwarebytes) C:\Users\počítač\Desktop\MBSetup.exe
2021-02-22 18:31 - 2021-02-22 19:02 - 000000000 ____D C:\AdwCleaner
2021-02-22 18:30 - 2021-02-22 18:30 - 008463216 _____ (Malwarebytes) C:\Users\počítač\Desktop\AdwCleaner.exe
2021-02-22 18:24 - 2021-02-22 18:24 - 000448512 _____ (OldTimer Tools) C:\Users\počítač\Downloads\TFC.exe
2021-02-22 18:23 - 2021-02-22 18:23 - 000050688 _____ (Atribune.org) C:\Users\počítač\Downloads\ATF-Cleaner.exe
2021-02-22 18:21 - 2021-02-22 18:21 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-23 17:39 - 2020-12-21 20:17 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-23 17:38 - 2020-12-21 20:17 - 000000000 ____D C:\Users\počítač\AppData\LocalLow\Mozilla
2021-02-23 17:33 - 2020-12-21 20:10 - 000000000 __SHD C:\Users\počítač\IntelGraphicsProfiles
2021-02-23 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-23 08:28 - 2020-12-19 10:31 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-23 08:28 - 2019-12-07 15:41 - 000682184 _____ C:\Windows\system32\perfh005.dat
2021-02-23 08:28 - 2019-12-07 15:41 - 000137000 _____ C:\Windows\system32\perfc005.dat
2021-02-23 08:28 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-02-23 08:23 - 2020-12-19 10:48 - 000000000 ____D C:\Intel
2021-02-23 08:23 - 2020-09-27 08:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-23 08:23 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-23 08:23 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-02-22 19:07 - 2020-12-22 15:49 - 000000000 ____D C:\Users\počítač\AppData\Roaming\Innovative Solutions
2021-02-22 19:01 - 2020-09-27 06:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-22 18:54 - 2020-12-21 20:10 - 000000000 ____D C:\Users\počítač\AppData\Local\Packages
2021-02-22 18:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-22 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-02-22 18:50 - 2020-12-23 16:25 - 000000000 ____D C:\Users\počítač\AppData\Local\ElevatedDiagnostics
2021-02-22 18:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-02-22 18:29 - 2020-12-24 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-22 18:29 - 2020-12-21 20:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-22 18:29 - 2020-12-21 20:10 - 000000000 ____D C:\Users\počítač\AppData\Local\ConnectedDevicesPlatform
2021-02-22 18:28 - 2020-12-19 10:53 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-22 18:27 - 2020-09-27 08:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-22 18:21 - 2020-12-21 20:17 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-22 18:21 - 2020-12-21 20:11 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3460323731-991323446-3131711751-1002
2021-02-22 18:21 - 2020-12-21 20:11 - 000000000 ___RD C:\Users\počítač\OneDrive
2021-02-22 18:21 - 2020-12-21 20:10 - 000002367 _____ C:\Users\počítač\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-22 18:21 - 2020-12-19 10:52 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-22 18:21 - 2020-12-19 10:52 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-22 18:21 - 2020-09-27 08:53 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-22 18:21 - 2020-09-27 08:53 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-22 18:20 - 2020-12-19 10:46 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-02-22 18:20 - 2020-09-27 08:51 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
CPU: AMD Ryzen 3600
GPU: EVGA GeForce GTX 1060 3G GAMING
MB: MSI MAG B550 TOMAHAWK
RAM: Crucial Ballistix Black 16GB (2x8GB) DDR4 3600 MHz CL16
PSU: Seasonic CORE GC-650 - 650W
1x Kingston KC2500 PCIe NVMe M.2 - 500GB
1x WD Blue 500 GB SATA SSD
1x Segate 500 GB SATA HDD


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 13 hostů