Někdo se mi snaží nabourávat do účtů Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Eastrin
Level 3.5
Level 3.5
Příspěvky: 806
Registrován: duben 13
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod Eastrin » 15 zář 2021 00:30

PART 3:

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cacf0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cacf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cacf4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cad9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cadb0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cadb2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cadc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cadc6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cadc8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34e0-928-3cadca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c92fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c930d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c930f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c9311.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c9323.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c9325.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c9327.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c9329.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c933a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c933c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c933e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-35ec-34c9340.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d7b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d7da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d7fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d80d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d83e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d85f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d871.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d8a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d8b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d8b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d8c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d8d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d8ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d90c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d92d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d93f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d960.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d981.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3738-1584-290d9a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d642.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d644.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d646.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d658.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d65a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d65c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d65e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d66f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d671.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d673.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d675.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d687.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d689.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d68b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d69c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d69e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d6a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d6a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3dd0-854-9b5d6b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a46.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417a9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417aa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ab2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ab6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ab8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417aca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417acc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ace.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ad0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ad2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ad4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4a0-cb4-417ae6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cac0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cac2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cac4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cac6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cad8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cada.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cadc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cade.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caf1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caf3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0caf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cb07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cb09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cb0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c4-10cc-c0cb1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1bee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1bf0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1bf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1bf4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1c06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1c08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1c19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1c1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1c1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1c1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e46.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-53c-1a70-2c1e7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-991ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-99201.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-99203.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-59c-844-99215.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f727.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f729.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f72b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f72d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f73f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f741.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f743.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f745.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f747.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f789.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f78b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f78d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f78f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f7a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f7a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f7a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f7a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f7a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-660-edc-e5f7ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781737.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781739.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-78174b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-78174d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-78174f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781751.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781762.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781764.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781766.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-78177a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-78177c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-78177e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781790.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781792.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781794.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-781796.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-7817a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-29c8-7817a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b31e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3206.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3227.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3239.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b325a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b327b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b328d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b329e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b32cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b32e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b32e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b32e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3316.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3347.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3378.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b33a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b33aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b3429.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7f8-62c-7b343b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99dd8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99dda.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99ddc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99ded.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99def.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99df1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99df3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-848-8dc-99e4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f896a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f896c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f896e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8a99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8aaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8abc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8abe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8ac0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8ac2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8ac4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8ad6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8ad8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8ae9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8aeb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8aed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8aef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8af1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b23.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8b89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8bd9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8bdb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8bec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8bee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8bf0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c35.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-878-14c8-42f8c4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-476083.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-476095.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-476097.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-476099.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-47609b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-2230-4760f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b855.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b867.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b869.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b86b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b86d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b87e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b880.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b882.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b884.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b896.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b898.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b89a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b08-af4-9b8c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139135.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139137.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139148.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13914a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13914c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13914e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139160.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139162.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139164.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139176.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139178.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13917a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13918b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13918d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-13918f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-139191.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-1391a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-1391a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b8c-2ae4-1391a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52654.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52665.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52667.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52669.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c5267b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c5267d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c5267f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52681.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52693.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52695.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c52697.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d44-dd8-c526d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46f98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46faa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fbd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fe7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46fe9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-da8-f48-2a46ffa.tmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\WINDOWS\Installer\1c0f39e.msi" deleted
"C:\DumpStack.log.tmp" not deleted

==== Orphaned Tasks deleted from Registry ======================

uTorrent_1 deleted

==== Firefox XPI-files found: ======================

- Undetermined - C:\Program Files\Adobe\Adobe Premiere Pro 2020\Plug-Ins\XMPFiles\MXFHandler.xpi
- Undetermined - C:\Program Files\Adobe\Adobe Premiere Pro 2020\Plug-Ins\XMPFiles\REDHandler.xpi
- Onboarding - C:\Users\VENOM\Desktop\Tor Browser\Browser\browser\features\onboarding@mozilla.org.xpi
- NoScript - C:\Users\VENOM\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
caljgklbbfbcjjanaijlacgncafpegll - No path found[]
ccbpbkebodcjkknkfkpmfeciinhidaeh - No path found[]

Nuke Reddit History - VENOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aclagjkmidmkcdhkhlicmgkgmpgccaod
Personal Blocklist(not by Google) - VENOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbbbhelcpfjhdcncigdlkabmjbgokmpg

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\VENOM\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\VENOM\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\VENOM\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\VENOM\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D909FFF5F88D9B24A95823A8210916C1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5FFF909D-D88F-42B9-9A85-328A1290611C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira System Speedup_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D909FFF5F88D9B24A95823A8210916C1 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\VENOM\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\VENOM\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\VENOM\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2577 folders=1585 701770689 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\VENOM\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\VENOM\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on 15.09.2021 at 0:26:57,67 ======================
''Nelegálními se věci stávají tehdy, jakmile se stanou populární''
-Kim Dotcom

Reklama
Eastrin
Level 3.5
Level 3.5
Příspěvky: 806
Registrován: duben 13
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod Eastrin » 15 zář 2021 00:31

Problémy budu sledovat a budu informovat.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:30:38, on 15.09.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Users\VENOM\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O4 - HKLM\..\Run: [Discord] C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [AudioSwitcher] "C:\Users\VENOM\Documents\AudioSwitcher.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
O4 - HKCU\..\Run: [BakkesMod] "C:\Program Files\BakkesMod\BakkesMod.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\System32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0368925.inf_amd64_05ef22929fd9ebfc\B368707\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3e677 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\93.0.4577.82\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProtonVPN Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service: ProtonVPN Update Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @oem36.inf,%ss_conn_launcher.SvcDesc%;SAMSUNG Mobile USB Connectivity Launcher (ss_conn_launcher_service) - Unknown owner - C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SteelSeries Update Service (SteelSeriesUpdateService) - Unknown owner - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TunnelBear Maintenance (TunnelBearMaintenance) - TunnelBear - C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Install Assist Service (Wondershare InstallAssist) - Wondershare - C:\ProgramData\Wondershare\Service\InstallAssistService.exe

--
End of file - 12350 bytes
''Nelegálními se věci stávají tehdy, jakmile se stanou populární''
-Kim Dotcom

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod jaro3 » 15 zář 2021 16:34

Ok.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Eastrin
Level 3.5
Level 3.5
Příspěvky: 806
Registrován: duben 13
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod Eastrin » 15 zář 2021 18:07

Udělal jsem, po restartu a připojení k internetu mi hijackthis stále ukazuje tyto:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
''Nelegálními se věci stávají tehdy, jakmile se stanou populární''
-Kim Dotcom

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod jaro3 » 15 zář 2021 18:10

Nevadí. není to nákaza. Dej pak vědět s tím problémem.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Eastrin
Level 3.5
Level 3.5
Příspěvky: 806
Registrován: duben 13
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod Eastrin » 16 zář 2021 11:18

Dobře, zatím děkuji mockrát. Problémy budu sledovat a případně informovat.
''Nelegálními se věci stávají tehdy, jakmile se stanou populární''
-Kim Dotcom

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod jaro3 » 16 zář 2021 16:14

OK.

Zatím můžeš odinstalovat ty programy , které jsme použili , nebo ponechat.

Tady nástroj na ty ostatní:
Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Eastrin
Level 3.5
Level 3.5
Příspěvky: 806
Registrován: duben 13
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod Eastrin » 17 zář 2021 14:31

Díky

# DelFix v1.013 - Logfile created 17/09/2021 at 14:30:37
# Updated 17/04/2016 by Xplode
# Username : VENOM - DESKTOP-PGBUJ7C
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\VENOM\Desktop\adwcleaner_8.3.0.exe
Deleted : C:\Users\VENOM\Desktop\JRT.exe
Deleted : C:\Users\VENOM\Desktop\JRT.txt
Deleted : C:\Users\VENOM\Desktop\HijackThis.exe
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : C:\Users\VENOM\Downloads\hijackthis.log
Deleted : C:\Users\VENOM\Downloads\RogueKiller_setup.exe
Deleted : C:\Users\VENOM\Downloads\TFC.exe
Deleted : C:\Users\VENOM\Downloads\zoek1.rar
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #104 [Naplánovaný kontrolní bod | 09/12/2021 13:43:14]
Deleted : RP #105 [JRT Pre-Junkware Removal | 09/14/2021 05:22:59]
Deleted : RP #106 [zoek.exe restore point | 09/14/2021 22:04:49]

New restore point created !

########## - EOF - ##########
''Nelegálními se věci stávají tehdy, jakmile se stanou populární''
-Kim Dotcom

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod jaro3 » 17 zář 2021 16:34

Nemáš zač!
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Eastrin
Level 3.5
Level 3.5
Příspěvky: 806
Registrován: duben 13
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod Eastrin » 16 lis 2021 22:09

Zzdravím, malwarebytes mi po době ukázal toto. Co s tím?
ssssssssssssssssssss.png
''Nelegálními se věci stávají tehdy, jakmile se stanou populární''
-Kim Dotcom

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod jaro3 » 16 lis 2021 22:39

adware , vyskakující okna.

Můžeš ještě znovu použít adwcleaner.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
kecalek
Level 3
Level 3
Příspěvky: 599
Registrován: říjen 17
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Někdo se mi snaží nabourávat do účtů

Příspěvekod kecalek » 17 lis 2021 12:41

Eastrin píše:Zzdravím, malwarebytes mi po době ukázal toto. Co s tím?
ssssssssssssssssssss.png

Do Karantény! A v nej vymazať-odstrániť.
A použiť aj radu jaro3 - AdwCleaner (Safe Mode) - čo nájde - vyhodiť.


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů