PC-HELP.CZ

ahojte, prosím o pomoc. někdo mi mění heslo v app stream. ip adresa je někde ve vietnamu. posílám log, kounete se na něj?
předem děkuju

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:00:09, on 10.06.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)

Boot mode: Normal

Running processes:
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
C:\Users\kral_\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [Intel Driver & Support Assistant] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_48c2e68e54c92258\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_48c2e68e54c92258\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_e607f - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem0.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_48c2e68e54c92258\igfxCUIService.exe
O23 - Service: @oem61.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo Group Ltd. - C:\Program Files (x86)\Lenovo\VantageService\3.2.114.0\LenovoVantageService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Conexant UIU Service (UIUService) - Conexant Systems, Inc. - C:\WINDOWS\system32\UIUSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10459 bytes

Stáhni si ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
pro majitele win7 stáhni zde:
https://filehippo.com/download_adwcleaner/ ( nedávej aktualizaci!)

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.

všechno podle instrukcí uděláno.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-26.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-10-2020
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Default\AppData\Local\Host App Service

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4904 octets] - [10/06/2020 23:13:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 10.06.20
Čas skenování: 23:27
Logovací soubor: 3866c548-ab61-11ea-b236-1c3947e8e701.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.931
Aktualizovat verzi balíku komponent: 1.0.25328
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 18362.900)
CPU: x64
Systém souborů: NTFS
Uživatel: LAPTOP-0CMD3SVL\kral_

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 286136
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 9 min, 19 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Problémy žádné, po restartu se ihned instalovaly aktualizace windows.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/

uděláno podle pokynů.

log JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by kral_ (Administrator) on 12.06.2020 at 10:53:28,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.06.2020 at 11:03:56,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sophos nic nenašel, log nevznikl.

Rogue killer log:

RogueKiller Anti-Malware V14.5.0.0 (x64) [May 27 2020] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : kral_ [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200611_142510, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/06/12 13:14:04 (Duration : 00:28:01)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.

Vlož nový log z HJT + informuj o problémech

tak, konečně hotovo.
log zoek :

Zoek.exe Version 5.0.0.2 Updated 03-May-2018
Tool run by kral_ on 13.06.2020 at 16:28:22,24.
Microsoft Windows 10 Home 10.0.18362 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\kral_\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.06.2020 16:35:40 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Leapdroid deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\SUPPORTDIR deleted successfully
C:\Users\kral_\AppData\Roaming\BluestacksCN deleted successfully
C:\Users\kral_\AppData\Local\DBG deleted successfully
C:\Users\kral_\AppData\Local\NoxInsPackFileder deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\kral_\AppData\Roaming\Mozilla\Firefox\Profiles\6cnaykf6.default-release\prefs.js:

Added to C:\Users\kral_\AppData\Roaming\Mozilla\Firefox\Profiles\6cnaykf6.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\kral_\AppData\Roaming\Mozilla\Firefox\Profiles\6cnaykf6.default-release

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- FireFox user.js and prefs.js backups ----

prefs__1700_.backup

==== Deleting Files \ Folders ======================

C:\Users\kral_\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C4B8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b60f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b68e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b6a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b6c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b6d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b6f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b715.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b727.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b738.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b74a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b75b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b77d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b78e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b7a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b7b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b7d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b7e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b7f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10c4-b40-17b817.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c54c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c648.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c6a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c6b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c6db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c7a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c7d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c848.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c879.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c88b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c90a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c998.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50c9f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50ca38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50ca5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50ca9a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50caea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50cb1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1210-c18-50cb7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e08e3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e08f94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09071.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e0912e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e0918e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e091de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09319.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e0934a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e093f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09486.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e094c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09517.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09548.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09692.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e09711.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e0979f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e0986d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e098dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1270-2618-3e0994b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26ee8d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26ee935.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26ee9b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eea04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eea74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eea95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eeb24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eeb54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eebd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eec43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eec74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eec85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eec97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eecf7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eed37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eed97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eedd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eee37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12f4-1dcc-26eee97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-55084d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-55087e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-55088f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-5508b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-5508d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-5508e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550914.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550926.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550938.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550969.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-55098a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-5509ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-5509cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-5509fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550a0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550a4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550a61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550a82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-138c-2b70-550aa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b03fbc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b046339.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b0468f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b0473d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04780f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b047d90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04808f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04895b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b0492f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b0499ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b049d47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04a3b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04b121.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04b8a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04bdd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04c4ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04c9d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04cd8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b0-2e2c-b04d2ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-732589d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7326f64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327580.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-73275ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327620.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327893.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327980.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327a7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327a9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327ace.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327adf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327b5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327bbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327e12.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327e72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-7327f8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-732801c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-73281c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1a44-24a4-732834c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3144f6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3144ffb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-314504b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-314509b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31450cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-314510d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-314513e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31451bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31451fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31452ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3145359.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31453c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3145495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31454f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3145565.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31455e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3145691.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-3145730.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1bdc-15e0-31457ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258518.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258589.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-25858b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-25859d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-2585ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-2585c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-2585d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-2585f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258604.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258606.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258618.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-25862a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-25863b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-25864d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-25865f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258661.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258672.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eac-b7c-258684.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9146ecd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91470c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147122.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91471a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91471f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147280.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91472f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147320.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147361.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147392.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91473a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91473d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147463.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147484.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91474a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-91474d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147507.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147528.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f18-3470-9147559.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38b5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38b8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38b91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38ba3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38bb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38bc6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38bd8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38be9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38bfb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c9a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-29ec-25a0-b38c9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30a128.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30aa81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30b1a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30b4a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30b881.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30bd36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30c546.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30c671.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30ccbd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30d54a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30e0d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30e4cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30ed5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-30f379.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31000e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-310724.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-310fb2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-311929.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-311fa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-312870.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-312e9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-313555.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31419b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31498c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-314e90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-3152b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-315952.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-315dc8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31604b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31627f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-3169c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31737b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31766b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-317a55.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-317db3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-3182e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-318c7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-308-16b8-31b19a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b77ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b785c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b78bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b78ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b78ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7910.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7a3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7a7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7abc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7b1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7b8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7bbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7bfd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7c4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7c7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7c9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7cc0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7d20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38b8-4194-4c0b7d60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cf12e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cf2a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cf597.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cf7eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cf925.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cfafc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cfce2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cfd23.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cfe6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680cff59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d0007.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d0180.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d02ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d031b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d03a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d03ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d0498.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d04e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-498c-1ddc-680d0567.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b7f11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8136.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8280.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b835c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b842a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8489.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b85e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b86b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b878d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b885a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8985.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8a52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8b8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8c3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8caa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8cfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8da8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b8ffc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-81c-bd8-36b96c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-700cbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-700d9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-70107b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-70108d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-7010ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-70110e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-70112f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-70117f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-7011ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701220.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701241.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-7012df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701320.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701341.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701353.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701364.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701376.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701387.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d0c-13c0-701416.tmp deleted
C:\Users\kral_\AppData\LocalLow\Unity deleted

==== Orphaned Tasks deleted from Registry ======================

Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse deleted
Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse deleted
Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\kral_\AppData\Roaming\Mozilla\Firefox\Profiles\6cnaykf6.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 83.0.4103.97

Chrome Media Router - kral_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{E30FF4F7-E4C7-4048-B0A5-461A6A6D34B3} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\kral_\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\kral_\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\kral_\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\kral_\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kral_\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kral_\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\kral_\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\kral_\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=47 folders=372 60223818 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kral_\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\kral_\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 13.06.2020 at 17:12:22,20 ======================

log zemana:

Informace o kontroly
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 13.06.2020 17:54:28
Typ kontroly : Inteligentní kontrola
Čas trvání : 00:01:24
Zkontrolované objekty : 1972
Zjištěné objekty : 114
Vyloučené objekty : 0
Automatické odesílání : Ano
Operační systém : Windows 10 x64
Procesor : 4X Intel(R) Pentium(R) CPU 4405U @ 2.10GHz
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 12B551ABCCBDE44343AC28

Odhalení
MD5 : 0065BCECDF9A8E97004FA1A6FC165FBF
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\wsc_proxy.exe
Vydavatel : AVG Technologies USA, LLC
Velikost : 110608
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 5F23E53FA9E2C5402003D5C20AFD1397
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\commchannel.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1011616
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1831935CF325B25DA70ACBE5BD343E27
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswip.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 116552
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 52BF1DE11A291E6628414CECCA293C16
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\tasks_core.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 304536
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 2065AA902F143A181E0DEFEDED1306D1
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswaux.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1033856
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : F64495E589A3A4904C4E36EA14F6432C
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\anen.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1215624
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 591F986905DDF79A4BE54A092EEB42C5
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\event_manager.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 304496
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : B1BC85B9599E953381FF90ABFB08041C
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\burger_client.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1444416
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : B9248B0348E604356CC1A6F59166AF52
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\event_manager_ga.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 853032
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : B85E6655C6DE4286AAA48C516E348D9A
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswcmnis.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 471352
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 71A7843FA84FA5F2236038ADB30F9B99
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\libcrypto-1_1-x64.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 3577408
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 453703A35A0F62F40173390E6D5FF63B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswproperty.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 681536
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 10FD1E1D90572CC5635EF93D663B79E5
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ashserv.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 5153456
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : E405CD89ACD8D098C76D19E2DD8B2A81
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\libssl-1_1-x64.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 741440
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : CD98A26629403A52A3358C8296E01309
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswsqlt.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 802424
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : A3232D3F1267485ACDEDB8AC2A4EC30E
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\serialization.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 352000
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 8FD82027663F9ADADA8FA11B7AEDB178
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\event_routing_rpc.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 791568
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 7189D31F3A4B2B8E6AB858A6E5BF3BFF
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\process_monitor.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 358768
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 85BE7C52BFE98F83A932A0E1EC28B013
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\event_manager_burger.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 327248
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 716F05562220069610315F07A4703626
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\wsc.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 2002824
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 7B9A3BDD4C1FE9FDB03F08EC74268483
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswcmnbs.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 576736
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : F796FA460C5447F81E7C094AB7D45BC2
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswcmnos.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 178016
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 95313BB89018BC8421A57AA52B8DDFA7
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\protobuf.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 2555968
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : EA7255D688586852D68D972FFDFBEDB4
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\log.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 150592
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 4B99F30E5428E8C0016AFE24C287F07B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aavmrpch.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 180024
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : D83C819EC8F1F02441ED15A0D2E74AAF
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ashtask.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 743000
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 01CF7C9867AA7150F6FBF3116921F266
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswlog.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 338072
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9064886270164D762FA889FD2E97361C
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\streamback.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 583432
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : B16220A9FD1DEDC9F12B8C842EEB1E7B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\avgsvc.exe
Vydavatel : AVG Technologies USA, LLC
Velikost : 349552
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : C6C09A0004409615BAA19DEB46EBE6A8
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ashbase.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1961944
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9643FB7C9EAC96C853E7C5FD0D2C59A1
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswengldr.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 426920
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 25A5E46A46FEEF42A7F974A4F5F10882
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\module_lifetime.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 48864
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : F9515BC67DD970FB3911C9D4DDC2FACD
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\dll_loader.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 45280
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : F5E0C77D5EA8B253DB23E7589FF347B7
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswpropertyav.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 637656
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1D49623BEBE818928825E3DC33B2C102
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ashtaskex.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1326160
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 96975E3AFAE237292661BB44E2372A82
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aavm4h.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 6844984
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 802BE7F6DC731747C40016817AD569A9
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\event_routing.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 440888
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 19352BD9B9F3A8514E3A57DEB1F3B40B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswpsic.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 372160
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 7E3CE3F2890AC6971B91D123A661BA3D
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\event_manager_er.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 156256
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 3439E864D0462601D21ED31095D85A1A
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ntp_time.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 258536
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : D3008A39047887F61E81DD40DE9A8E4C
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\lim.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 3139720
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9D487A221A821F34E9D4A0E34B14187B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswcmnos.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 187016
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : A9649B3EDAB4ECDC97AA066CC0CDC223
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswarray.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 419464
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : D2EF4255B18D6C3DFAE8FFD9583308F9
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswcomm.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 709056
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : D83FC7087447FA588AE43D497F4D8E22
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswwinamapi.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 120256
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : EB8CEDCE7960FF58EBFEE41D78F90702
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\vaarclient.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 902616
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : CBF17E2A33C1AD03CCDAC4485E95FB1B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\shepherdsync.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1331288
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 833F161DE70AEC4D954BCE47BDC85140
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\health.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1878792
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 795C6F366726CF4C8E89C57799BDBBED
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswcmnbs.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 608392
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 56EE893A7D58DA4CAD388E8016C1F8AA
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswcleanerdll.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 674440
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1EE3B58CF7FE04F4000AE6F2695BF5E4
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswsecapi.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1137600
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : AFFCBB719636ED6732CC941240B8A729
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswremoval.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 2209216
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 234C45684AFFADC2E083446EE9F04146
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\arpot.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 407176
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : BFC624ED4A9C93EAE0A43C17FD324FDA
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\features_manager.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 204824
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 20BD4CD119BC21296D289EE277EE10AF
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\tuneupbin\tuneupsmartscan.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 7330952
Odhalení : Heur:Malicious/Adware
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 4D2BFFDB996789E43485F7BF7872EA89
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswamsi.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1775016
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 0777AD7D94E378AB358CAB37C6EA4450
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\gaming_mode.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1896376
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 8851C080BBC9323796AEE90709DC62AE
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\bcuengine.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 5511816
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 135DFA8994CE917AB0E5938C28252B00
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswcmnis64.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 509576
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 2CF3B5FA6E8A4DBF9246020D7E6DC08C
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswrep.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 515208
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 0297EC30171B7517D040D789FE034F1E
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\algo64.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 6853880
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 376731460C60E6D1BF0B4073C8EE8CAB
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswvmm.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 43704
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 4DA117053D3757D05EC85182FAA6A2A6
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\custody.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 821000
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 03BA559AB0958FF1C87167B5D7AE01C1
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\gui_cache.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 586064
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9297456C980E0498939846864B2E185F
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\shredder.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 406816
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 126B8C87718A209AE4272DD080DBEC74
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\swhealthex2.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 2488968
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : AC80C3F07110FBE13B0856775F30A971
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\browser_pass.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 358216
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 6DEF47D0F609E1109CEA423E03295AFE
Stav : Zkontrolováno
Objekt : c:\program files (x86)\intel\driver and support assistant\dsaservice.exe
Vydavatel : IDSA Production signing key
Velikost : 37736
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : E3FD196906D25EF2D7BB584852F1ABA8
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswengin.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1876616
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 85F64FFB3A6A05EA51D92A3426705C4A
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\aswfidb.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 708232
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : E0B95D9551AEF7BF7AB11BE53EE2BEB3
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\fltlib_wrapper.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 90184
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : A92406936A46388EA08DE8434333C5B1
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswdetallocator.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 181696
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 8D4F53D48A48A0DD46323F6761472BE1
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswntsqlite.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 839104
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 89B78D20FAEE02AE780D5374B84F0C21
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ffl2.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 967672
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1CA313F1BAF4086862735016C9CC4BD5
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\opm.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1210432
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 041071D3017BC199522C682D09867453
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswpatchmgt.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 701720
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : CC3556906DD0E5C3DC3525CE99A0A6D5
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\x86\aswamsi.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1501752
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : E9E0EC1803156A133259F286DE2CFE59
Stav : Zkontrolováno
Objekt : c:\program files (x86)\lenovo\vantageservice\3.2.114.0\x64\sqlite.interop.dll
Vydavatel :
Velikost : 1631744
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 8FD354D793FE604B9E876D62640037BE
Stav : Zkontrolováno
Objekt : c:\program files (x86)\intel\driver and support assistant\dsacoreinterop.dll
Vydavatel : IDSA Production signing key
Velikost : 382312
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9DE3FCEE346B5CD748123F0CBF3224C6
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswengsrv.exe
Vydavatel : AVG Technologies USA, LLC
Velikost : 570008
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 8280735D407BD7C1958786F6D59F07F0
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswidsagent.exe
Vydavatel : AVG Technologies USA, LLC
Velikost : 6397888
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 8C4D91365E1240E3E3BABE78AA2B525F
Stav : Zkontrolováno
Objekt : c:\program files (x86)\intel\driver and support assistant\dsaupdateservice.exe
Vydavatel : IDSA Production signing key
Velikost : 154472
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 446BD7EC2E0802362DE902CF667EBA10
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\x86\aswhook.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 50112
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 3E3DEE0D44570B267E11BF67BD956EFA
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswdata.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 984264
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : CB65A9EE19480082CDEBBC39A72B8672
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\htmlayout.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 3991344
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 5C3D64A41CDC0ADE17DCD96324A32266
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgrvrt.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 84928
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 5C702897AA6BED20E59614C24C3038FF
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgardisk.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 37208
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 0F04B8ABE404CBB00225C4382D95C6C7
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgsp.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 461064
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9DBEDCD2B0E526D06814D11E5A32B190
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\1029\uilangres.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 260176
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : ACA7CC2C32D82C68EE69CA52B20C98DA
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswidpm.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 560576
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : C5828E3B4A60DAA8DA7FD298468FF272
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\gaming_mode_ui.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 449672
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 5810639D1477C0C33DDD1EFE75256DBD
Stav : Zkontrolováno
Objekt : c:\programdata\lenovo\imcontroller\plugins\genericmessagingplugin\x86\sqlite.interop.dll
Vydavatel :
Velikost : 1343488
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 9A3F7C302B20D36F78CC12B9FE6E497A
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgbidsh.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 178832
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : A5651F13F9FCD84972135065DCB85D58
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgsnx.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 851664
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 3F076B6BA413F8FEEFD0F1E88B4A844A
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgrdr2.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 109336
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 94999245E9580C6228B22AC44C66044C
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgarpot.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 205952
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : E6EECD42770FC23D163BEB61AD7DAE75
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\avlaunch.exe
Vydavatel : AVG Technologies USA, LLC
Velikost : 156776
Odhalení : Suspicious:SRC!R
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 2F0DAA5F2DD290E556F78C321567BD70
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\ashshell.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1723344
Odhalení : Suspicious:SRC!R
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : C879091CD9F1237538C9B9CC7BA8406E
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgmonflt.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 175776
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : C6FF5C7D19389B2A44DE0845157EF68E
Stav : Zkontrolováno
Objekt : c:\program files (x86)\intel\driver and support assistant\dsatray.exe
Vydavatel : IDSA Production signing key
Velikost : 238440
Odhalení : Suspicious:SRC!R
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 0B63D0385AF09A1A06E2C7D03D43CCEB
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\avgui.exe
Vydavatel : AVG Technologies USA, LLC
Velikost : 10084960
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : E37403950418E1BEF456C3771C3E092B
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\gaming_probe.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 607672
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 79F9270CE048436EA3272AE61ABEC12A
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\commonres.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 2431488
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : DCECD415B5C1CADEF3CEA6072CF4CCC4
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswdatascan.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 2005344
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : D6D876382895462C49691C0526D9B5B9
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgvmm.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 319200
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 6036069D6F01E597B449DF8DFFDA3A2C
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgbuniv.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 61072
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : C755C5FE236A97909FA1742624DB64E2
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgbidsdriver.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 234632
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 1B79BCC8866F707C5896B4D35E4DC889
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgstm.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 235552
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 25A6980590696DF23BDB8022685D0F06
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\aswhook.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 62400
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 54424648F228B761291D6F1D4C7A27F6
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\commonui.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 625224
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 95A4A333D204439DC098E9FECE213484
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\cef_renderer.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 1013704
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 6BB7FE86BE954E3675F2D8DFFCE382EB
Stav : Zkontrolováno
Objekt : c:\program files (x86)\avg\antivirus\defs\20061308\uiext.dll
Vydavatel : AVG Technologies USA, LLC
Velikost : 70280
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : C75916B15535B1BC67D92975921E95E3
Stav : Zkontrolováno
Objekt : c:\programdata\lenovo\imcontroller\plugins\lenovowifisecurityplugin\x86\x86\e_sqlite3.dll
Vydavatel :
Velikost : 944840
Odhalení : Suspicious:SRC!P
Akce : Karanténa
-----------------------------------------------------------------------
MD5 : 5A7812FB6FF96CEDBBA7010235A2D1A8
Stav : Zkontrolováno
Objekt : c:\windows\system32\drivers\avgkbd.sys
Vydavatel : AVG Technologies USA, LLC
Velikost : 42856
Odhalení : Suspicious:SRC!D
Akce : Karanténa
-----------------------------------------------------------------------

Po přesunu do karantény mi nefungovalo připojení k wifi. nějaký problém s DNS, který nešel automaticky opravit. po restartu pc vše ok

log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:11, on 13.06.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)

Boot mode: Normal

Running processes:
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
C:\Users\kral_\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_48c2e68e54c92258\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_48c2e68e54c92258\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_52bc2 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Unknown owner - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Unknown owner - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem0.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_48c2e68e54c92258\igfxCUIService.exe
O23 - Service: @oem61.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo Group Ltd. - C:\Program Files (x86)\Lenovo\VantageService\3.2.114.0\LenovoVantageService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Conexant UIU Service (UIUService) - Conexant Systems, Inc. - C:\WINDOWS\system32\UIUSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10451 bytes

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost

Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

všechno uděláno podle rad.
v del fix jsem zapoměl zatrhnout purge system restore, proto 2 logy. myslím si, že to jede bez problému. děkuju

# DelFix v1.013 - Logfile created 15/06/2020 at 11:18:50
# Updated 17/04/2016 by Xplode
# Username : kral_ - LAPTOP-0CMD3SVL
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\kral_\Desktop\HijackThis.exe
Deleted : C:\Users\kral_\Downloads\AdwCleaner.exe
Deleted : C:\Users\kral_\Downloads\hijackthis.log
Deleted : C:\Users\kral_\Downloads\TFC.exe
Deleted : C:\Users\kral_\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

# DelFix v1.013 - Logfile created 15/06/2020 at 11:25:04
# Updated 17/04/2016 by Xplode
# Username : kral_ - LAPTOP-0CMD3SVL
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

~ Cleaning system restore ...

Deleted : RP #39 [Naplánovaný kontrolní bod | 05/30/2020 19:56:06]
Deleted : RP #41 [Windows Update | 06/04/2020 09:01:57]
Deleted : RP #42 [Windows Update | 06/07/2020 16:48:34]
Deleted : RP #43 [Odebráno: OpenOffice 4.1.7 | 06/10/2020 09:07:32]
Deleted : RP #44 [JRT Pre-Junkware Removal | 06/12/2020 08:53:34]

New restore point created !

########## - EOF - ##########

PC-HELP.CZ

napadené pc.

napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc.

Re: napadené pc. Vyřešeno