Infection
Greetings, experts,
despite ongoing attempts to use the links in HJT, via 360 Total S., CCleaner, Malware Hunter, Total AV, ESET Online, McAfee and even the firewall switched on in Defender, etc., the previously described situation on the Lenovo G580 notebook with Win. 8 to 10 is not improving. On top of that, chiming pop-up windows occasionally fire off on their own (7 viruses, 3x Trojan, All data encrypted); after clicking on them they announce that the McAfee license has expired, Norton - renew your subscription, etc.
Please check the log and advise how to proceed.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:55:36, on 24.11.2025
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
C:\Users\vlad\Autodesk\Genuine Service\GenuineService.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
C:\Program Files (x86)\360\Total Security\safemon\PopWndLog.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\crashhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\vlad\Documents\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\SysWOW64\userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QHSafeTray] "C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe" /start
O4 - HKCU\..\Run: [VideoDownloadCapture] C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe /autoStart
O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_392257826694F9B020490AE9C384473E] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [360DesktopLite] "C:\ProgramData\360TotalSecurity\DesktopPlus\DesktopPlus64.exe" /auto
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: GenuineService.lnk = C:\Users\vlad\Autodesk\Genuine Service\GenuineService.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HD Writer.lnk = ?
O4 - Global Startup: SOLIDWORKS 2020 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\Bricscad V12\BrxProtIE.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSISAllmytubechrome - (no CLSID) - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCleaner 7 (CCleaner7) - Gen Digital Inc. - C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
O23 - Service: @C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe,-100 (CIJSRegister) - CANON INC. - C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_932baf9 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\142.0.7444.176\elevation_service.exe
O23 - Service: Interní aktualizační služba Google (GoogleUpdaterInternalService143.0.7482.0) (GoogleUpdaterInternalService143.0.7482.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe
O23 - Service: Aktualizační služba Google (GoogleUpdaterService143.0.7482.0) (GoogleUpdaterService143.0.7482.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) MPI Library Hydra Process Manager (impi_hydra) - Intel Corporation - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: MBVpnTunnelService - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: MFLocalService - Unknown owner - C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PACSPTISVR-Sound_Organizer - Sony Corporation - C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: 360 Total Security (QHActiveDefense) - Qihoo 360 Technology Co. Ltd. - C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
O23 - Service: QHProtected - Qihoo 360 Technology Co. Ltd. - C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe
O23 - Service: Remote Solver for COSMOSFloWorks 2008 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: SolidWorks Flexnet Server - Flexera Software LLC - C:\SolidWorks_Flexnet_Server\lmgrd.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SWVisualize2020.BoostService - Dassault Systemes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
O23 - Service: SWVisualize2020.Queue.Server - Dassault Systemes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16102 bytes
Re: infection
Hello to you too!
Uninstall McAfee using Revo Uninstaller, with the option to find and uninstall all components, files and folders, drivers, etc.
Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome or Edge, you do not need to use ATF.
Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
for Windows 7 users, download here:
https://filehippo.com/download_adwcleaner/ (do not update it!)
Save it to your desktop. Click "I agree" to accept the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan a log will appear and open (otherwise it is saved on the system drive under C:\AdwCleaner\Logs); paste its entire contents here.
Download Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/
to your desktop, install it and run it
- If the program is not up to date, click "Update now" or "Fix now".
- an update will be found and installed.
- then click Start scan
- when the scan finishes, a notification will appear at the bottom right; click View report, choose Export, then choose Copy to clipboard and paste the whole log here. Or click "Text file (.txt)" and save the log. And paste it here.
- otherwise the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
- then click the Finish button and close the program with the cross at the top right.
(do not delete anything yet!).
If there are problems, run it in safe mode.
(When the scan finishes, click the fork (Save Result) and choose Export to TXT. After a moment a window will appear and you can save the log as a .txt file wherever you want. Then copy it and paste it here.)
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus are standing in for me.
If you are satisfied, you can support our forum: Forum support
Re: infection
If I understood the instructions correctly, these two listings were generated.
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-22-2025
# Duration: 00:03:13
# OS: Windows 10 (Build 18362.592)
# Scanned: 32108
# Detected: 89
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\vlad\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\vlad\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
PUP.Optional.Legacy C:\ProgramData\SuperEasy Software
PUP.Optional.Legacy C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
PUP.Optional.PCProtect C:\ProgramData\SecuritySuite
PUP.Optional.Seznam.cz C:\Users\vlad\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
Adware.ICLoader HKLM\Software\Wow6432Node\WIFIService
PUP.Adware.Heuristic HKCU\SOFTWARE\0813fcfaaa21119ce81fd4bcee1c051b
PUP.Adware.Heuristic HKCU\SOFTWARE\6C38ED07529A146BD8A6
PUP.Adware.Heuristic HKCU\SOFTWARE\D628EC005060303CE3D6
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main|HomeButtonPage
PUP.Optional.Legacy HKCU\Software\SuperEasy Software
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\SuperEasy Software
PUP.Optional.Legacy HKLM\Software\Wow6432Node\SuperEasy Software
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.MyWebShield HKU\.DEFAULT\Software\Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}
PUP.Optional.MyWebShield HKU\S-1-5-18\Software\Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}
PUP.Optional.PCProtect HKCU\Software\SSProtect
PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
PUP.Optional.PCProtect HKU\.DEFAULT\Software\SSProtect
PUP.Optional.PCProtect HKU\S-1-5-18\Software\SSProtect
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\Software\Classes\totalav
PUP.Optional.VLCStreamerDE HKLM\Software\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
PUP.Optional.VLCStreamerDE HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Preinstalled.LenovoPower2Go Folder C:\Users\vlad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Preinstalled.LenovoSolutionCenter Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\LENOVO SOLUTION CENTER
Preinstalled.LenovoYouCam Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\YOUCAM
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\vlad\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\vlad\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
PUP.Optional.Legacy C:\ProgramData\SuperEasy Software
PUP.Optional.Legacy C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
PUP.Optional.PCProtect C:\ProgramData\SecuritySuite
PUP.Optional.Seznam.cz C:\Users\vlad\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
Adware.ICLoader HKLM\Software\Wow6432Node\WIFIService
PUP.Adware.Heuristic HKCU\SOFTWARE\0813fcfaaa21119ce81fd4bcee1c051b
PUP.Adware.Heuristic HKCU\SOFTWARE\6C38ED07529A146BD8A6
PUP.Adware.Heuristic HKCU\SOFTWARE\D628EC005060303CE3D6
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main|HomeButtonPage
PUP.Optional.Legacy HKCU\Software\SuperEasy Software
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\SuperEasy Software
PUP.Optional.Legacy HKLM\Software\Wow6432Node\SuperEasy Software
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.MyWebShield HKU\.DEFAULT\Software\Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}
PUP.Optional.MyWebShield HKU\S-1-5-18\Software\Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}
PUP.Optional.PCProtect HKCU\Software\SSProtect
PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
PUP.Optional.PCProtect HKU\.DEFAULT\Software\SSProtect
PUP.Optional.PCProtect HKU\S-1-5-18\Software\SSProtect
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\Software\Classes\totalav
PUP.Optional.VLCStreamerDE HKLM\Software\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
PUP.Optional.VLCStreamerDE HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Preinstalled.LenovoPower2Go Folder C:\Users\vlad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Preinstalled.LenovoSolutionCenter Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\LENOVO SOLUTION CENTER
Preinstalled.LenovoYouCam Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\YOUCAM
AdwCleaner[S00].txt - [10029 octets] - [22/11/2025 17:42:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
PUP.Optional.Seznam.cz C:\Users\vlad\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
Adware.ICLoader HKLM\Software\Wow6432Node\WIFIService
PUP.Adware.Heuristic HKCU\SOFTWARE\0813fcfaaa21119ce81fd4bcee1c051b
PUP.Adware.Heuristic HKCU\SOFTWARE\6C38ED07529A146BD8A6
PUP.Adware.Heuristic HKCU\SOFTWARE\D628EC005060303CE3D6
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main|HomeButtonPage
PUP.Optional.Legacy HKCU\Software\SuperEasy Software
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\SuperEasy Software
PUP.Optional.Legacy HKLM\Software\Wow6432Node\SuperEasy Software
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escorTlbr.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escort.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortApp.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\escortEng.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\esrv.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.MyWebShield HKU\.DEFAULT\Software\Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}
PUP.Optional.MyWebShield HKU\S-1-5-18\Software\Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}
PUP.Optional.PCProtect HKCU\Software\SSProtect
PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
PUP.Optional.PCProtect HKU\.DEFAULT\Software\SSProtect
PUP.Optional.PCProtect HKU\S-1-5-18\Software\SSProtect
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\Software\Classes\totalav
PUP.Optional.VLCStreamerDE HKLM\Software\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
PUP.Optional.VLCStreamerDE HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Preinstalled.LenovoPower2Go Folder C:\Users\vlad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Preinstalled.LenovoSolutionCenter Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\LENOVO SOLUTION CENTER
Preinstalled.LenovoYouCam Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\YOUCAM
AdwCleaner[S00].txt - [10029 octets] - [22/11/2025 17:42:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Re: infection
And where is the Malwarebytes' Anti-Malware log?
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and select "Run as administrator"),
click "Scan", and after the scan click "Quarantine".
The program will carry out the repair; after the automatic restart, click "View log file", then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.
Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.
Disable your antivirus program. Right-click JRT.exe and select "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved to the desktop.
Please copy its entire contents here.
More tomorrow.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: infection
Sorry, the freshly downloaded Anti Malwarebytes produced several logs after I started SCAN, because of repeated attempts. Here are the first two.
Date Time Tick Count Process ID Thread ID Log Level Context Tag Function Name File Name Line Number Message
11/22/25 " 18:02:16.153" 91961015 1b6c 1c9c INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 95 "RemoveDriver=1 ReinstallDriver=1 Version=2"
11/22/25 " 18:02:16.222" 91961078 1b6c 1c9c INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 136 "Driver package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun."
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 162 "mbtun driver not found."
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c WARNING MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 214 "Failed to remove C:\Program Files\Malwarebytes\Anti-Malware\mbtun, Errcode=2."
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 152 "MBTun uninstall returned 0x00000000"
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 51 "Target package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 60 "OsVer: 12."
11/22/25 " 18:02:34.452" 91979312 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 98 "Extracting driver files, resrcName=mbtun_v2."
11/22/25 " 18:02:34.472" 91979328 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 108 "Extracted new driver files."
11/22/25 " 18:02:39.818" 91984671 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 119 "Installed new driver files."
11/22/25 " 18:02:39.818" 91984671 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTun "customaction.cpp" 360 "Removing driver package folder."
11/22/25 " 18:02:39.818" 91984671 1b6c 1c9c INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 158 "MBTun install returned 0x00000000"
11/27/25 " 16:06:11.328" 74802593 1ea0 2c20 INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 95 "RemoveDriver=1 ReinstallDriver=1 Version=2"
11/27/25 " 16:06:11.406" 74802671 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 136 "Driver package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun."
11/27/25 " 16:06:21.972" 74813234 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 191 "Found mbtun driver."
11/27/25 " 16:06:24.995" 74816265 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 200 "Removed mbtun driver."
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 162 "mbtun driver not found."
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 WARNING MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 214 "Failed to remove C:\Program Files\Malwarebytes\Anti-Malware\mbtun, Errcode=2."
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 152 "MBTun uninstall returned 0x00000000"
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 51 "Target package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
11/27/25 " 16:06:25.057" 74816328 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 60 "OsVer: 12."
11/27/25 " 16:06:25.057" 74816328 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 98 "Extracting driver files, resrcName=mbtun_v2."
11/27/25 " 16:06:25.057" 74816328 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 108 "Extracted new driver files."
11/27/25 " 16:06:26.576" 74817843 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 119 "Installed new driver files."
11/27/25 " 16:06:26.576" 74817843 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTun "customaction.cpp" 360 "Removing driver package folder."
11/27/25 " 16:06:26.576" 74817843 1ea0 2c20 INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 158 "MBTun install returned 0x00000000"
Re: infection
That's not it. Try again, and in safe mode.
Re: infection
Of the forum instructions on how to get into safe mode, the only path that responds on the notebook is the one through SETTINGS, RECOVERY, which leads all the way to factory reset.
After disabling the firewall (there is no other antivirus on the HDD), JRT was run; the text in the black-background window also contains the word Error.
Manual transcript:
Admin: Junk Removal Tool by Malwarebyte
Press any key to continue......
Requestin restore point.......SUCCESS
Validating restore point......FAILED OX80070002
Restore point creation encountered an error.
If you would like to continue anyway.
Press any key to continue.........
Processes
Srartup-Logon
Srartup Scheduled Task
Services
File system
Browser
(blinking cursor)
A txt file was created automatically:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by vlad (Administrator) on 22.11.2025 at 2:27:22,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Deleted the following from C:\Users\vlad\AppData\Roaming\Mozilla\Firefox\Profiles\kzu170z3.default\prefs.js
user_pref(browser.search.totalSearches, 57);
user_pref(browser.urlbar.recentsearches.lastDefaultChanged, 1762243648664);
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.11.2025 at 2:37:40,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The new LOG from the anti-malware follows here.
Date Time Tick Count Process ID Thread ID Log Level Context Tag Function Name File Name Line Number Message
11/22/25 " 18:02:16.153" 91961015 1b6c 1c9c INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 95 "RemoveDriver=1 ReinstallDriver=1 Version=2"
11/22/25 " 18:02:16.222" 91961078 1b6c 1c9c INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 136 "Driver package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun."
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 162 "mbtun driver not found."
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c WARNING MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 214 "Failed to remove C:\Program Files\Malwarebytes\Anti-Malware\mbtun, Errcode=2."
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 152 "MBTun uninstall returned 0x00000000"
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 51 "Target package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
11/22/25 " 18:02:34.442" 91979296 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 60 "OsVer: 12."
11/22/25 " 18:02:34.452" 91979312 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 98 "Extracting driver files, resrcName=mbtun_v2."
11/22/25 " 18:02:34.472" 91979328 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 108 "Extracted new driver files."
11/22/25 " 18:02:39.818" 91984671 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 119 "Installed new driver files."
11/22/25 " 18:02:39.818" 91984671 1b6c 1c9c INFO MBTunDriverInstaller InstallMBTun "customaction.cpp" 360 "Removing driver package folder."
11/22/25 " 18:02:39.818" 91984671 1b6c 1c9c INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 158 "MBTun install returned 0x00000000"
11/27/25 " 16:06:11.328" 74802593 1ea0 2c20 INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 95 "RemoveDriver=1 ReinstallDriver=1 Version=2"
11/27/25 " 16:06:11.406" 74802671 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 136 "Driver package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun."
11/27/25 " 16:06:21.972" 74813234 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 191 "Found mbtun driver."
11/27/25 " 16:06:24.995" 74816265 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 200 "Removed mbtun driver."
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 162 "mbtun driver not found."
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 WARNING MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 214 "Failed to remove C:\Program Files\Malwarebytes\Anti-Malware\mbtun, Errcode=2."
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 152 "MBTun uninstall returned 0x00000000"
11/27/25 " 16:06:25.026" 74816296 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 51 "Target package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
11/27/25 " 16:06:25.057" 74816328 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 60 "OsVer: 12."
11/27/25 " 16:06:25.057" 74816328 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 98 "Extracting driver files, resrcName=mbtun_v2."
11/27/25 " 16:06:25.057" 74816328 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 108 "Extracted new driver files."
11/27/25 " 16:06:26.576" 74817843 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 119 "Installed new driver files."
11/27/25 " 16:06:26.576" 74817843 1ea0 2c20 INFO MBTunDriverInstaller InstallMBTun "customaction.cpp" 360 "Removing driver package folder."
11/27/25 " 16:06:26.576" 74817843 1ea0 2c20 INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 158 "MBTun install returned 0x00000000"
11/28/25 " 20:44:30.817" 2383671 0884 2bbc INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 95 "RemoveDriver=1 ReinstallDriver=1 Version=2"
11/28/25 " 20:44:30.896" 2383750 0884 2bbc INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 136 "Driver package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun."
11/28/25 " 20:44:38.833" 2391687 0884 2bbc INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 191 "Found mbtun driver."
11/28/25 " 20:44:40.698" 2393562 0884 2bbc INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 200 "Removed mbtun driver."
11/28/25 " 20:44:40.745" 2393609 0884 2bbc INFO MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 162 "mbtun driver not found."
11/28/25 " 20:44:40.745" 2393609 0884 2bbc WARNING MBTunDriverInstaller UninstallMBTunHelper "customaction.cpp" 214 "Failed to remove C:\Program Files\Malwarebytes\Anti-Malware\mbtun, Errcode=2."
11/28/25 " 20:44:40.745" 2393609 0884 2bbc INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 152 "MBTun uninstall returned 0x00000000"
11/28/25 " 20:44:40.745" 2393609 0884 2bbc INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 51 "Target package folder: C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
11/28/25 " 20:44:40.745" 2393609 0884 2bbc INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 60 "OsVer: 12."
11/28/25 " 20:44:40.745" 2393609 0884 2bbc INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 98 "Extracting driver files, resrcName=mbtun_v2."
11/28/25 " 20:44:40.745" 2393609 0884 2bbc INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 108 "Extracted new driver files."
11/28/25 " 20:44:41.762" 2394625 0884 2bbc INFO MBTunDriverInstaller InstallMBTunHelper "customaction.cpp" 119 "Installed new driver files."
11/28/25 " 20:44:41.762" 2394625 0884 2bbc INFO MBTunDriverInstaller InstallMBTun "customaction.cpp" 360 "Removing driver package folder."
11/28/25 " 20:44:41.762" 2394625 0884 2bbc INFO MBVpnTunnelService RunMBTunInstaller "MBTun.cpp" 158 "MBTun install returned 0x00000000"
Re: infection
That's not it either.
Download CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Run the program and click Edit - Copy (Úpravy-Kopírovat). Then paste the log contents here with Ctrl+V.
Turn off the antivirus and the firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Accept the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: infection
----------------------------------------------------------------------------
CrystalDiskInfo 9.7.2 (C) 2008-2025 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 Home 1903 [10.0 Build 18362] (x64)
Date : 2025/12/02 14:44:57
-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- ST500LT012-9WS142
- Optiarc DVD RW AD-7740H
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(01) ST500LT012-9WS142 : 500,1 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(01) ST500LT012-9WS142
----------------------------------------------------------------------------
Model : ST500LT012-9WS142
Firmware : 0001LVM1
Serial Number : S0V0PYV1
Disk Size : 500,1 GB (7,9/137,4/500,1/----)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 34273 hodin
Power On Count : 5502 krát
Temperature : 40 C (104 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, NCQ, GPL
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 120 _78 _34 00000E7571F8 Počet chyb čtení
03 _98 _98 __0 000000000000 Čas na roztočení ploten
04 _95 _95 _20 0000000016AE Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _91 _60 _30 000156AD28BB Počet chybných hledání
09 _61 _61 __0 E76A000085E1 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _95 _95 _20 00000000157E Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB __1 __1 __0 00000000C5ED Ohlášeno neopravitelných chyb
BC 100 __1 __0 004D004D0ED7 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _60 _43 _45 00062D150028 Teplota toku vzduchu
BF 100 100 __0 0000000000BA Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000038D Počet vypnutí disku
C1 __1 __1 __0 00000003F7C2 Počet cyklů načítání/vymazání
C2 _40 _57 __0 000E00000028 Teplota
C4 _62 _62 _30 4DA00000830B Počet udalostí s číslem realokování sektorů
C5 _98 _98 __0 000000000030 Počet podezřelých sektorů
C6 _98 _98 __0 000000000030 Počet neopravitelných sektorů
C7 200 163 __0 000000000CB1 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu
Firewall turned off.
Malwarebytes, Sophos Virus Removal Tool, Temp File Cleaner, WebAdvisor from McAfee: uninstalled.
360 Total Security: thrown out, but a few windows still come back after the notebook is switched on.
Too many characters, so in parts.
Re: infection
AdwCleaner, deleted? Where is the log?
Bad news, that disk is faulty. This cannot be repaired.
00000000C5ED Ohlášeno neopravitelných chyb
4DA00000830B Počet udalostí s číslem realokování sektorů
000000000030 Počet podezřelých sektorů
000000000030 Počet neopravitelných sektorů
The condition will get worse. You need to back up everything you need. In time you may no longer be able to get into Windows.
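The reading of the S.M.A.R.T. table that the reply above does by eye, as an added example that is not part of the original thread: it parses the rows of the CrystalDiskInfo log posted earlier and reports nonzero raw error counters and attributes whose current or worst value has reached the threshold. The function names `parse_smart` and `triage` are hypothetical, and treating IDs 05, BB, C5 and C6 as plain counters is an assumption of this example; C4 is not decoded because its raw value on this drive is too large to be a plain count.

```python
import re

# Rows copied from the "-- S.M.A.R.T. --" section of the CrystalDiskInfo log
# posted in this thread (attribute names as the tool printed them, in Czech).
SMART_SECTION = """\
ID Cur Wor Thr RawValues(6) Attribute Name
01 120 _78 _34 00000E7571F8 Počet chyb čtení
03 _98 _98 __0 000000000000 Čas na roztočení ploten
04 _95 _95 _20 0000000016AE Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _91 _60 _30 000156AD28BB Počet chybných hledání
09 _61 _61 __0 E76A000085E1 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _95 _95 _20 00000000157E Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB __1 __1 __0 00000000C5ED Ohlášeno neopravitelných chyb
BC 100 __1 __0 004D004D0ED7 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _60 _43 _45 00062D150028 Teplota toku vzduchu
BF 100 100 __0 0000000000BA Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000038D Počet vypnutí disku
C1 __1 __1 __0 00000003F7C2 Počet cyklů načítání/vymazání
C2 _40 _57 __0 000E00000028 Teplota
C4 _62 _62 _30 4DA00000830B Počet udalostí s číslem realokování sektorů
C5 _98 _98 __0 000000000030 Počet podezřelých sektorů
C6 _98 _98 __0 000000000030 Počet neopravitelných sektorů
C7 200 163 __0 000000000CB1 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu
"""

# One table row: hex ID, three normalized values padded with "_", 12 hex
# digits of raw value, then the attribute name.
ROW = re.compile(
    r"^(?P<id>[0-9A-F]{2}) (?P<cur>[_\d]{3}) (?P<wor>[_\d]{3}) "
    r"(?P<thr>[_\d]{3}) (?P<raw>[0-9A-F]{12}) (?P<name>.+)$"
)

# Assumption of this example: on these IDs the whole raw value is a count of
# bad events (reallocated, reported uncorrectable, pending, offline
# uncorrectable sectors). Other raw values are vendor-packed and not decoded.
COUNTER_IDS = {"05", "BB", "C5", "C6"}


def parse_smart(text):
    """Return one dict per attribute row; header and stray lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        rows.append({
            "id": m["id"],
            "cur": int(m["cur"].replace("_", "")),
            "wor": int(m["wor"].replace("_", "")),
            "thr": int(m["thr"].replace("_", "")),
            "raw": int(m["raw"], 16),
            "name": m["name"],
        })
    return rows


def triage(rows):
    """Return (id, kind, value) findings in table order.

    kind is "raw" for a nonzero error counter, "failing_now" when the current
    normalized value is at or below the threshold, and "failed_in_past" when
    only the worst recorded value is. A threshold of 0 means the attribute is
    informational and is never threshold-checked.
    """
    findings = []
    for r in rows:
        if r["id"] in COUNTER_IDS and r["raw"] > 0:
            findings.append((r["id"], "raw", r["raw"]))
        if r["thr"] > 0 and r["cur"] <= r["thr"]:
            findings.append((r["id"], "failing_now", r["cur"]))
        elif r["thr"] > 0 and r["wor"] <= r["thr"]:
            findings.append((r["id"], "failed_in_past", r["wor"]))
    return findings


if __name__ == "__main__":
    for attr_id, kind, value in triage(parse_smart(SMART_SECTION)):
        print(f"{attr_id}: {kind} = {value}")
```
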
