Ahoj všichni, protože jste mi tady vždy vyřešili všechny mé problémy, píšu zase.

Začal se mi sekat PC při hraní Valorantu. Prostě se na pár sekund sekne obraze, na pár odsekne a takhle pořád dokola. Jediné co okamžitě pomůže, je restart PC. Pak to běží normálně. Stává se to pořád.

Před týdnem se to sekalo pouze, pokud jsem na TV zapnula Netflix, pak se ta hra totálně kousla. Nechápala jsem, řešila s poskytovatelem připojení, že oni musí mít nějaký problém, že to neutáhne internet. Tím to prý nebylo, ale vyměnil router za nový (starý měl už 10 let). Po výměně fungovalo, a to tak, že s Netflixem se to už "netlouklo". Nicméně seká se to dál.

Přikládám dolů logy, udělala jsem vše jak vždy radíte v jiných podobných tématech.

Díky všem předem za pomoc.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-11-2022
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2251)
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Admin\AppData\Local\Tencent
Deleted C:\Users\Admin\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Classes\.bgl

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1699 octets] - [11/12/2022 19:00:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.12.22
Čas skenování: 19:07
Logovací soubor: a3bcc566-797e-11ed-b770-0492265a9f28.json

-Informace o softwaru-
Verze: 4.5.18.226
Verze komponentů: 1.0.1838
Aktualizovat verzi balíku komponent: 1.0.63300
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19045.2251)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-714HDFE\kubas

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 355227
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 0
Uplynulý čas: 2 min, 54 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
Adware.PushNotifications, C:\USERS\KUBAS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Žádná uživatelská akce, 352, 947073, 1.0.63300, , ame, , C41F8CD47F2F0F970BB0E68F574BF23D, D6558BA0BDC6E6C7C450992DCDBBBF18E96F4848C3D04BEDC862D5E99821E517

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

----------------------------------------------------------------------------
CrystalDiskInfo 8.17.11 (C) 2008-2022 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19045] (x64)
Date : 2022/12/11 19:16:23

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- ST2000DM008-2FR102
- Řadič prostorů úložišť [SCSI]
- Xvdd SCSI Miniport [SCSI]
+ Řadič Standard NVM Express [SCSI]
- Samsung SSD 970 EVO 500GB

-- Disk List ---------------------------------------------------------------
(01) ST2000DM008-2FR102 : 2000,3 GB [0/0/0, pd1]
(02) Samsung SSD 970 EVO 500GB : 500,1 GB [1/1/0, sq] - nv

----------------------------------------------------------------------------
(01) ST2000DM008-2FR102
----------------------------------------------------------------------------
Model : ST2000DM008-2FR102
Firmware : 0001
Serial Number : ZFL158GG
Disk Size : 2000,3 GB (8,4/137,4/2000,3/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 5
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 8349 hodin
Power On Count : 2706 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, NCQ, TRIM, GPL
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _76 _64 __6 00000228E209 Počet chyb čtení
03 _99 _98 __0 000000000000 Čas na roztočení ploten
04 _90 _90 _20 000000002BDE Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _77 _60 _45 000002FFA24E Počet chybných hledání
09 _91 _91 __0 87D90000209D Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 _20 000000000A92 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _69 _61 _40 00001F18001F Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000016 Počet vypnutí disku
C1 _60 _60 __0 00000001401B Počet cyklů načítání/vymazání
C2 _31 _40 __0 00140000001F Teplota
C3 _76 _64 __0 00000228E209 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 DA3400000A10 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000343BA6194 Celkový zápis
F2 100 253 __0 0002E711BD96 Celkový čtení

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A46 4C31 3538 4747
020: 0000 0000 0000 3030 3031 2020 2020 5354 3230 3030
030: 444D 3030 382D 3246 5231 3032 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0100
070: 0000 0000 0000 0000 0000 001F 870E 0006 00CC 0040
080: 07F0 006D 346B 7569 4163 3469 B449 4163 207F 0064
090: 0064 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 0008 6003 0000 5000 C500
110: C32D 49E9 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 5000 0000 0000
140: 0000 0000 0000 0000 0000 0000 BDFF 0000 0000 0000
150: 0008 0000 BDFF 0827 0000 8000 0000 0184 AD00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 30A5 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 68A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 4C 40 09 E2 28 02 00 00 00 03 03
010: 00 63 62 00 00 00 00 00 00 00 04 32 00 5A 5A DE
020: 2B 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 4D 3C 4E A2 FF 02 00 00 00 09 32
040: 00 5B 5B 9D 20 00 00 D9 87 04 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 62 62 92 0A 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 45 3D 1F 00 18 1F 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 16 00 00 00 00
0C0: 00 00 C1 32 00 3C 3C 1B 40 01 00 00 00 00 C2 22
0D0: 00 1F 28 1F 00 00 00 14 00 00 C3 1A 00 4C 40 09
0E0: E2 28 02 00 00 00 C5 12 00 64 64 00 00 00 00 00
0F0: 00 00 C6 10 00 64 64 00 00 00 00 00 00 00 C7 3E
100: 00 C8 C8 00 00 00 00 00 00 00 F0 00 00 64 FD 10
110: 0A 00 00 34 DA 2F F1 00 00 64 FD 94 61 BA 43 03
120: 00 00 F2 00 00 64 FD 96 BD 11 E7 02 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73
170: 03 00 01 00 01 C7 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 06 02 02 02 02 00 00 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 A8 4B E5 25 56 1B 00 00
1B0: 00 00 00 00 01 00 92 D0 94 61 BA 43 03 00 00 00
1C0: 96 BD 11 E7 02 00 00 00 00 00 00 00 00 00 00 00
1D0: 01 00 00 00 00 00 00 00 4D 18 00 00 01 00 00 00
1E0: 00 00 00 00 E5 06 00 00 00 00 00 00 00 00 03 02
1F0: 05 00 00 00 00 00 00 00 00 00 03 19 00 00 00 B1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 2D 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 F0 00 00 00 00 00
110: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
120: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30

----------------------------------------------------------------------------
(02) Samsung SSD 970 EVO 500GB
----------------------------------------------------------------------------
Model : Samsung SSD 970 EVO 500GB
Firmware : 2B2QEXE7
Serial Number : S466NX0M856236W
Disk Size : 500,1 GB
Interface : NVM Express
Standard : NVM Express 1.3
Transfer Mode : PCIe 3.0 x2 | PCIe 3.0 x4
Power On Hours : 6433 hodin
Power On Count : 2710 krát
Host Reads : 65601 GB
Host Writes : 29741 GB
Temperature : 41 C (105 F)
Health Status : Dobrý (97 %)
Features : S.M.A.R.T., TRIM, VolatileWriteCache
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Kritické varování
02 00000000013B Složená teplota
03 000000000064 Rezerva k dispozici
04 00000000000A Dostupná náhradní prahová hodnota
05 000000000003 Použité procento
06 000008333F54 Čtení datových jednotek
07 000003B7BBF2 Zapsané datové jednotky
08 000040385062 Příkazy pro hostitelské čtení
09 0000221E0546 Příkazy pro zápis hostitele
0A 000000000E58 Čas obsazení řadiče
0B 000000000A96 Napájecí cykly
0C 000000001921 Hodiny napájení
0D 000000000025 Nebezpečné vypnutí
0E 000000000000 Chyby v médiích a integritě dat
0F 000000000B4F Počet položek protokolu chybových informací

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 144D 144D 3453 3636 584E 4D30 3538 3236 3633 2057
010: 2020 2020 6153 736D 6E75 2067 5353 2044 3739 2030
020: 5645 204F 3035 4730 2042 2020 2020 2020 2020 2020
030: 2020 2020 4232 5132 5845 3745 3802 0025 0900 0004
040: 0300 0001 0D40 0003 1200 007A 0000 0000 0000 0000
050: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
060: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
090: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0017 0307
130: 0316 043F 0101 0166 0166 0000 0000 0000 0000 0000
140: 6000 70C0 0074 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0023 0000
160: 0000 0001 0164 0166 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 0000

-- SMART_NVME --------------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 3A 01 64 0A 03 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: C9 3F 33 08 00 00 00 00 00 00 00 00 00 00 00 00
030: 11 BC B7 03 00 00 00 00 00 00 00 00 00 00 00 00
040: 22 56 38 40 00 00 00 00 00 00 00 00 00 00 00 00
050: 70 07 1E 22 00 00 00 00 00 00 00 00 00 00 00 00
060: 58 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: 96 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: 21 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 4F 0B 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 3A 01 4D 01 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Admin (Administrator) on 11.12.2022 at 19:33:28,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\mntemp (File)



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2022 at 19:34:58,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Program : RogueKiller Anti-Malware
Version : 15.6.3.0
x64 : Yes
Program Date : Nov 15 2022
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : kubas
User is Admin : Yes
Date : 2022/12/11 18:56:49
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 9
Found items : 4
Total scanned : 1015
Signatures Version : 20221208_111701
Truesight Driver : Yes
Updates Count : 0
Arguments : -minimize

************************* Warnings *************************

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************
>>>>>> O4 - Run
├── [Adw.Gen (Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|Wondershare Helper Compact.exe -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (missing) -> Found
├── [Adw.Gen (Malicious)] (X86) (Wondershare Technology Co.,Ltd) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|Wondershare Helper Compact.exe -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe -> Found
├── [Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Microsoft\Windows\CurrentVersion\Run|Yunite Client -- C:\Users\kubas\AppData\Local\YuniteClient\YuniteClient.lnk (missing) -> Found
└── [Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Microsoft\Windows\CurrentVersion\Run|vibranceGUI -- "C:\Users\kubas\AppData\Local\Temp\Rar$EXa22676.2739\vibranceGUI.exe" -minimized (missing) -> Found

************************* WMI *************************

************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************

Vlož log z HJT:
https://sourceforge.net/projects/hjt/fi ... e/download

--------------
Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dlouho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

----------
. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
--------------
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

--------------

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
https://www.majorgeeks.com/mg/getmirror ... ool,1.html
https://www.majorgeeks.com/mg/get/sopho ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

ještě memtest, běžel 2,5 hodiny

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:54, on 11.12.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\kubas\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [ccleaner_update_helper] C:\Program Files\CCleaner\ccleaner_update_helper.exe
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\kubas\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Synapse3] "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized
O4 - HKCU\..\Run: [LGHUB] "C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe" --minimized
O4 - HKCU\..\Run: [Yunite Client] C:\Users\kubas\AppData\Local\YuniteClient\YuniteClient.lnk
O4 - HKCU\..\Run: [livelywpf] "C:\Users\kubas\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe"
O4 - HKCU\..\Run: [vibranceGUI] "C:\Users\kubas\AppData\Local\Temp\Rar$EXa22676.2739\vibranceGUI.exe" -minimized
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_30863D77BE8ECC26553ABDA4C9022E6E] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user')
O4 - Global Startup: AVG Secure VPN.lnk = C:\Program Files\AVG\Secure VPN\Vpn.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{41766173-7453-6f66-7477-617265415357}: NameServer = 100.126.0.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service: AVG Tools - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_257b0 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.99\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem22.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem22.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LGHUB Updater Service (LGHUBUpdaterService) - Logitech, Inc. - C:\Program Files\LGHUB\lghub_updater.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - D:\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: AVG Secure VPN (SecureVPN) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Secure VPN\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15403 bytes

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Admin (Administrator) on 11.12.2022 at 22:02:44,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2022 at 22:04:08,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.12.22
Čas skenování: 21:56
Logovací soubor: 5724ca92-7996-11ed-afa2-0492265a9f28.json

-Informace o softwaru-
Verze: 4.5.18.226
Verze komponentů: 1.0.1838
Aktualizovat verzi balíku komponent: 1.0.63306
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19045.2251)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-714HDFE\kubas

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 355542
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 2 min, 42 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
Adware.PushNotifications, C:\USERS\KUBAS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Nahrazen, 352, 947073, 1.0.63306, , ame, , DF3EEC17291E41F56B686DC93BE1FF73, 60CFAE8DA343ACD662C7A9CFCD24FCBF254379A184C642130D4A24BB2ED83FF8

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Program : RogueKiller Anti-Malware
Version : 15.6.3.0
x64 : Yes
Program Date : Nov 15 2022
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : kubas
User is Admin : Yes
Date : 2022/12/11 21:21:28
Type : Removal
Aborted : No
Scan Mode : Quick
Duration : 8
Found items : 4
Total scanned : 1016
Signatures Version : 20221208_111701
Truesight Driver : Yes
Updates Count : 0
Arguments : -minimize

************************* Warnings *************************

************************* Removal *************************
[Adw.Gen (Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|Wondershare Helper Compact.exe -- [%ProgramFiles%\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Adw.Gen
[+] Name : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|Wondershare Helper Compact.exe
[+] value : [%ProgramFiles%\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe]
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 2
[+] id : 0
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : 0

[Adw.Gen (Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|Wondershare Helper Compact.exe -- [%programfiles(x86)%\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Adw.Gen
[+] Name : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|Wondershare Helper Compact.exe
[+] value : [%programfiles(x86)%\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe]
[+] Type : Registry
[+] file_hash : 546DBCC7A073099096A027EFBA2598B8242476A0EE20D7026DDEE2251B0EDF57
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 2
[+] id : 1
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : 0

[Suspicious.Path (Potentially Malicious)] HKEY_USERS\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Microsoft\Windows\CurrentVersion\Run|Yunite Client -- [%localappdata%\YuniteClient\YuniteClient.lnk] -> Deleted
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_USERS\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Microsoft\Windows\CurrentVersion\Run|Yunite Client
[+] value : [%localappdata%\YuniteClient\YuniteClient.lnk]
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 2
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[Suspicious.Path (Potentially Malicious)] HKEY_USERS\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Microsoft\Windows\CurrentVersion\Run|vibranceGUI -- [%localappdata%\Temp\Rar$EXa22676.2739\vibranceGUI.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_USERS\S-1-5-21-2128135438-1500383730-4247541024-1002\Software\Microsoft\Windows\CurrentVersion\Run|vibranceGUI
[+] value : [%localappdata%\Temp\Rar$EXa22676.2739\vibranceGUI.exe]
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 3
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1