Log check request - from the flash drive topic

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member

Re: Log check request - from the flash drive topic

Post by jaro3 » 04 Nov 2021 23:24

OK.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Master2016

Re: Log check request - from the flash drive topic

Post by Master2016 » 07 Nov 2021 01:21

Program : RogueKiller Anti-Malware
Version : 15.1.2.0
x64 : Yes
Program Date : Nov 3 2021
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : Yes
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.22000) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : PC
User is Admin : Yes
Date : 2021/11/07 00:19:11
Type : Removal
Aborted : No
Scan Mode : Standard
Duration : 276
Found items : 6
Total scanned : 85427
Signatures Version : 20211102_094554
Truesight Driver : Yes
Updates Count : 10

************************* Warnings *************************

************************* Removal *************************
[PUP.MailRU (Potentially Malicious)] HKEY_USERS\S-1-5-21-567793115-1420348267-216889998-1001\Software\GameCenter -- -> Deleted
[+] scan_what : 2
[+] vendors : PUP.MailRU
[+] Name : HKEY_USERS\S-1-5-21-567793115-1420348267-216889998-1001\Software\GameCenter
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 0
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3DAAC707-AF49-4BA8-8348-F0CC78AFEC1E}C:\users\ladis\appdata\local\temp\rar$exa6324.24125\rift.exe -- [%localappdata%\temp\rar$exa6324.24125\rift.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3DAAC707-AF49-4BA8-8348-F0CC78AFEC1E}C:\users\ladis\appdata\local\temp\rar$exa6324.24125\rift.exe
[+] value : [%localappdata%\temp\rar$exa6324.24125\rift.exe]
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 1
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{08ACBDA4-1AB0-4AF7-A8B4-E781B4E3DACB}C:\users\ladis\appdata\local\temp\rar$exa6324.24125\rift.exe -- [%localappdata%\temp\rar$exa6324.24125\rift.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{08ACBDA4-1AB0-4AF7-A8B4-E781B4E3DACB}C:\users\ladis\appdata\local\temp\rar$exa6324.24125\rift.exe
[+] value : [%localappdata%\temp\rar$exa6324.24125\rift.exe]
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 2
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{18826255-CDD8-47F9-B914-A22C95592AEC} -- [%_PC_appdata%\loudplay\client\bin\streaming.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{18826255-CDD8-47F9-B914-A22C95592AEC}
[+] value : [%_PC_appdata%\loudplay\client\bin\streaming.exe]
[+] Type : Registry
[+] file_hash : E45A11CC71013CC600F18F43620C25EB227313DAFDDBF4A7495628199193F775
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 3
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E1FE4AAE-C9B4-4582-B064-255D54BE3D93} -- [%_PC_appdata%\loudplay\client\bin\streaming.exe] -> Deleted
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E1FE4AAE-C9B4-4582-B064-255D54BE3D93}
[+] value : [%_PC_appdata%\loudplay\client\bin\streaming.exe]
[+] Type : Registry
[+] file_hash : E45A11CC71013CC600F18F43620C25EB227313DAFDDBF4A7495628199193F775
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 4
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[Rogue.MalwareFox (Malicious)] MalwareFox AntiMalware -- %programfiles(x86)%\MalwareFox AntiMalware -> Deleted
[+] scan_what : 1
[+] vendors : Rogue.MalwareFox
[+] Name : MalwareFox AntiMalware
[+] value : %programfiles(x86)%\MalwareFox AntiMalware
[+] Type : File/Folder
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 2
[+] id : 5
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

Master2016

Re: Log check request - from the flash drive topic

Post by Master2016 » 07 Nov 2021 01:57

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by PC on 07.11.2021 at 1:24:26,97.
Microsoft Windows 11 Home 10.0.22000 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ladis\AppData\Local\Temp\Rar$EXa17928.31724\zoek1\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

07.11.2021 1:25:33 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\ladis\AppData\Roaming\mpv deleted successfully
C:\Users\ladis\AppData\Local\AWSToolkit deleted successfully
C:\Users\ladis\AppData\Local\DBG deleted successfully
C:\Users\ladis\AppData\Local\Wondershare deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-567793115-1420348267-216889998-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{048E86DE-832C-4794-BB61-49D2DFD40960} deleted successfully
HKEY_USERS\S-1-5-21-567793115-1420348267-216889998-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28A8EBED-9C2B-45E4-9508-FB75B7030055} deleted successfully
HKEY_USERS\S-1-5-21-567793115-1420348267-216889998-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4319AB56-CDD6-496A-A91C-D9A229D7BB55} deleted successfully
HKEY_USERS\S-1-5-21-567793115-1420348267-216889998-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7A3D454-1B32-47CF-9DDF-30C8A7FBF392} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ladis\AppData\Roaming\KDsoftware\My Internet Browser\Profiles\tl9r0juz.default\prefs.js:

Added to C:\Users\ladis\AppData\Roaming\KDsoftware\My Internet Browser\Profiles\tl9r0juz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\ladis\AppData\Roaming\Mozilla\Firefox\Profiles\jftmtccq.default-release\prefs.js:

Added to C:\Users\ladis\AppData\Roaming\Mozilla\Firefox\Profiles\jftmtccq.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\ladis\AppData\Roaming\.tlauncher deleted
C:\Users\ladis\AppData\Roaming\EasyInstaller deleted
C:\Users\ladis\AppData\Roaming\io.krunker.desktop deleted
C:\Users\ladis\AppData\Roaming\Medal deleted
C:\Users\ladis\AppData\Roaming\slobs-client deleted
C:\Users\ladis\AppData\Roaming\wooting-double-movement deleted
C:\Users\ladis\.android deleted
C:\Users\ladis\AppData\Roaming\obs-virtualcam.txt deleted
C:\PROGRA~3\Propagation deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\ladis\AppData\Local\oobelibMkey.log deleted
C:\Users\ladis\AppData\Local\cache deleted
C:\Users\ladis\AppData\Local\CrashRpt deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-44d0-1440-21fbe8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-44d0-1440-21fbea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-44d0-1440-21fbec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272a9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272ab8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272abc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272acd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272acf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272ad1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272ad3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272ae5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272ae7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272ae9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aeb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272aed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272afe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272b00.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4afc-1d04-272b02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d12.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d14.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d2c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4ee8-78c-f40d83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-31326d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-31327f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3132a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3132a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3132c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3132e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-313316.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-313318.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-313339.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-31334a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-31335c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-31335e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-31337f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-313381.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3133a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3133b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3133d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3133d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3133f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-542c-5420-3133fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-68649d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-6864ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686657.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686782.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-6868cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686a35.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686a66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686d47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686d77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686db8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686f21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-686f33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-68706d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-687189.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-6872b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-6873fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-68747d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-68750b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-68756b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5568-1b10-687686.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253df1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253df3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e5d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-56d4-5994-253e75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8582.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8584.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8586.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b85e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8606.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8608.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8629.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b864a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b864c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b866d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b866f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8691.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-60d8-1c88-31b8693.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a11ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a1201.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a1203.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a1205.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a1207.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f50-2ff4-a1219.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
"C:\WINDOWS\Installer\95d409c.msi" deleted
"C:\ProgramData\droidcam-client-options-v2" deleted
"C:\ProgramData\droidcam-settings" deleted
"C:\DumpStack.log.tmp" not deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Cookies" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Cookies-journal" not deleted
"C:\Users\ladis\AppData\Roaming\discord\lockfile" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\000004.log" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\000005.ldb" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\LOCK" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\LOG" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\MANIFEST-000001" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\000005.ldb" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\017747.ldb" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\017749.log" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\017750.ldb" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\LOCK" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\LOG" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\MANIFEST-000001" not deleted
"C:\PROGRA~2\Wondershare\Wondershare MirrorGo\ElevationService.exe" deleted
"C:\Users\ladis\AppData\Roaming\discord" not deleted
"C:\PROGRA~2\Wondershare" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Session Storage" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb" not deleted
"C:\PROGRA~2\Wondershare\Wondershare MirrorGo" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ladis\AppData\Roaming\KDsoftware\My Internet Browser\Profiles\tl9r0juz.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ladis\AppData\Roaming\Mozilla\Firefox\Profiles\jftmtccq.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
caljgklbbfbcjjanaijlacgncafpegll - No path found[]
ccbpbkebodcjkknkfkpmfeciinhidaeh - No path found[]
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
ihcjicgdanjaechkgeegckofjjedodee - No path found[]

Just Black - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab
BTTV - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
Tipli do prohlížeče - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp
Tampermonkey - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
FFZ - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb
Malwarebytes Browser Guard - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee
ShadowPay Trademanager - ladis\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhadkdgdffnnbdfpigjklinjhbkinfh
Malwarebytes Browser Guard - ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee
Chrome Media Router - ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Malwarebytes Browser Guard - ladis\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=HCTE"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=HCTE"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE
HKLM\SearchScopes\{429AF944-B6C7-4C0E-9EFB-F576CA3E3588} - http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE

==== Reset Google Chrome ======================

C:\Users\ladis\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Preferences was reset successfully
C:\Users\ladis\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Secure Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\ladis\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\ladis\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\ladis\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Data was reset successfully
C:\Users\ladis\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Data-journal was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data-journal was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
C:\Users\ladis\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\ladis\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D909FFF5F88D9B24A95823A8210916C1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5FFF909D-D88F-42B9-9A85-328A1290611C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira System Speedup_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D909FFF5F88D9B24A95823A8210916C1 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ladis\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ladis\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\ladis\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache emptied successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\ladis\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\ladis\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6506 folders=702 2185015614 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ladis\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ladis\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Users\ladis\AppData\Roaming\discord\Cookies" not found
"C:\Users\ladis\AppData\Roaming\discord\Cookies-journal" not found
"C:\Users\ladis\AppData\Roaming\discord\lockfile" not found
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\000004.log" not found
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\000005.ldb" not found
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\LOCK" not found
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\LOG" not found
"C:\Users\ladis\AppData\Roaming\discord\Session Storage\MANIFEST-000001" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\000005.ldb" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\017747.ldb" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\017749.log" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\017750.ldb" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\LOCK" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\LOG" not found
"C:\Users\ladis\AppData\Roaming\discord\Local Storage\leveldb\MANIFEST-000001" not found
"C:\Users\ladis\AppData\Roaming\discord" not found
"C:\PROGRA~2\Wondershare" not found

==== EOF on 07.11.2021 at 1:50:46,17 ======================

Posted by Master2016 » 07 Nov 2021 01:58

Is there any way to restore the data from Google Chrome? I had a lot of things saved here, and nowhere was it said that it would delete them.

Posted by Master2016 » 07 Nov 2021 02:04

Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  07.11.2021 2:01:07
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:14
Zkontrolované objekty    :  2386
Zjištěné objekty    :  0
Vyloučené objekty    :  0
Automatické odesílání    :  Ne
Operační systém    :  Windows 10 x64
Procesor    :  16X AMD Ryzen 7 4700G with Radeon Graphics
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  148289FEA98316E13D9A2B

Posted by Master2016 » 07 Nov 2021 02:07

----------------------------------------------------------------------------
CrystalDiskInfo 8.12.12 (C) 2008-2021 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 11 [10.0 Build 22000] (x64)
Date : 2021/11/07 2:06:43

-- Controller Map ----------------------------------------------------------
- Standardní řadič SATA AHCI [ATA]
+ Standardní řadič SATA AHCI [ATA]
- ST1000DM003-1SB102
- Standardní řadič SATA AHCI [ATA]
- Řadič prostorů úložišť [SCSI]
+ Řadič Standard NVM Express [SCSI]
- WDC PC SN530 SDBPNPZ-512G-1006
- Xvdd SCSI Miniport [SCSI]

-- Disk List ---------------------------------------------------------------
(01) ST1000DM003-1SB102 : 1000,2 GB [0/1/0, pd1]
(02) WDC PC SN530 SDBPNPZ-512G-1006 : 512,1 GB [1/3/0, sq] - nv

----------------------------------------------------------------------------
(01) ST1000DM003-1SB102
----------------------------------------------------------------------------
Model : ST1000DM003-1SB102
Firmware : HPH5
Serial Number : ZN1N6AV0
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size :
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 2234
Power On Count : 252
Temperature : 35 C (95 F)
Health Status :
Features : S.M.A.R.T., APM, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _80 _63 __6 00000650BC59
03 _97 _97 __0 000000000000
04 _99 _99 __0 000000000411
05 100 100 _10 000000000000
07 _70 _60 _30 000000B83948
09 _98 _98 __0 0000000008BA
0A 100 100 _97 000000000000
0C 100 100 __0 0000000000FC
B4 100 100 __0 00000C19F03D
B7 100 100 __0 000000000000
B8 100 100 _97 000000000000
BB 100 100 __0 000000000000
BC 100 100 __0 000000000000
BD 100 100 __0 000000000000
BE _65 _60 _40 000024150023
C1 100 100 __0 00000000041D
C2 _35 _17 __0 001100000023
C3 _26 __4 __0 00000650BC59
C4 100 100 __0 000000000000
C5 100 100 __0 000000000000
C6 100 100 __0 000000000000
C7 200 200 __0 000000000000

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 20 00 01 2F 00 50 3F 59 BC 50 06 00 00 00 03 23
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 63 63 11
020: 04 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 2F 00 46 3C 48 39 B8 00 00 00 00 09 32
040: 00 62 62 BA 08 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 FC 00 00 00 00
060: 00 00 B4 2A 00 64 64 3D F0 19 0C 00 00 00 B7 32
070: 00 64 64 00 00 00 00 00 00 00 B8 33 00 64 64 00
080: 00 00 00 00 00 00 BB 32 00 64 64 00 00 00 00 00
090: 00 00 BC 32 00 64 64 00 00 00 00 00 00 00 BD 3A
0A0: 00 64 64 00 00 00 00 00 00 00 BE 22 00 41 3C 23
0B0: 00 15 24 00 00 00 C1 32 00 64 64 1D 04 00 00 00
0C0: 00 00 C2 22 00 23 11 23 00 00 00 11 00 00 C3 3A
0D0: 00 1A 04 59 BC 50 06 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
100: 00 C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 3F 02 00 53
170: 03 00 01 00 02 6F 00 00 00 00 00 00 00 00 00 00
180: 00 00 02 00 96 04 00 00 02 03 03 03 03 03 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 73 24 A4 40 51 07 00 00
1B0: 00 00 00 00 01 00 35 01 85 9D DE E7 00 00 00 00
1C0: 83 64 24 AE 01 00 00 00 00 00 00 00 10 EB 03 00
1D0: 01 00 00 00 00 00 00 00 A5 05 00 00 06 00 00 00
1E0: 00 00 00 00 24 01 00 00 00 00 00 00 00 00 00 05
1F0: 00 00 00 00 00 00 00 00 00 00 14 16 00 00 00 E5

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 20 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
060: 00 00 B4 00 00 00 00 00 00 00 00 00 00 00 B7 00
070: 00 00 00 00 00 00 00 00 00 00 B8 61 00 00 00 00
080: 00 00 00 00 00 00 BB 00 00 00 00 00 00 00 00 00
090: 00 00 BC 00 00 00 00 00 00 00 00 00 00 00 BD 00
0A0: 00 00 00 00 00 00 00 00 00 00 BE 28 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 24

----------------------------------------------------------------------------
(02) WDC PC SN530 SDBPNPZ-512G-1006
----------------------------------------------------------------------------
Model : WDC PC SN530 SDBPNPZ-512G-1006
Firmware : HPS2
Serial Number : 21010N800557
Disk Size : 512,1 GB
Buffer Size :
# of Sectors :
Rotation Rate : ---- (SSD)
Interface : NVM Express
Major Version : NVM Express 1.4
Minor Version :
Transfer Mode : PCIe 3.0 x2 | PCIe 3.0 x4
Power On Hours : 2234
Power On Count : 254
Host Reads : 18980 GB
Host Writes : 6393 GB
Temperature : 40 C (104 F)
Health Status : (100 %)
Features : S.M.A.R.T., TRIM, VolatileWriteCache
APM Level : ----
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000
02 000000000139
03 000000000064
04 000000000005
05 000000000000
06 0000025F5FAA
07 000000CC9412
08 00000E1527D1
09 000010892D9F
0A 000000000369
0B 0000000000FE
0C 0000000008BA
0D 000000000018
0E 000000000000
0F 000000000001


Post by Master2016 » 07 Nov 2021 02:11

New HJT - I don't know which problems you mean. I don't have any so far.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:10:05, on 07.11.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22000.0120)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Users\ladis\AppData\Local\Discord\app-1.0.9003\Discord.exe
C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.9.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
C:\Users\ladis\AppData\Local\Discord\app-1.0.9003\Discord.exe
C:\Users\ladis\AppData\Local\Discord\app-1.0.9003\Discord.exe
C:\Users\ladis\AppData\Local\Discord\app-1.0.9003\Discord.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Users\ladis\AppData\Local\Discord\app-1.0.9003\Discord.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Users\ladis\AppData\Local\Discord\app-1.0.9003\Discord.exe
D:\Programy\AntiMalware\AntiMalware.exe
C:\WINDOWS\SysWOW64\DllHost.exe
D:\Stažené soubory\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [ExpressVPNNotificationService] "C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RazerCortex] "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\ladis\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [Opera GX Browser Assistant] C:\Users\ladis\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [Discord] C:\Users\ladis\AppData\Local\Discord\Update.exe --processStart Discord.exe --process-start-args --start-minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [HPSEU_Host_Launcher] C:\System.sav\util\HPSEU\HpseuHostLauncher.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [OMENCC_InstallationBooster] C:\system.sav\util\OMENCC_InstallationBooster.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [OMENCC_InstallationBooster] C:\system.sav\util\OMENCC_InstallationBooster.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0369835.inf_amd64_3f3c30a5474a509e\B369111\atiesrxx.exe
O23 - Service: AntiCheatExpert Service - Unknown owner - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Security Updater (AviraSecurityUpdater) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Betternet Service 6.14.4 (BetternetSvc_6.14.4) - Betternet Technologies Inc. - C:\Program Files (x86)\Betternet\6.14.4.931\BetternetSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Aktualizace Brave (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Služba Aktualizace Brave (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_45851 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Wondershare Driver Install Service help (ElevationService) - Unknown owner - C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\ElevationService.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: ExpressVPN Service (ExpressVPNService) - ExpressVPN - C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - Unknown owner - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\95.0.4638.69\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: @oem11.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service (HPAppHelperCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\AppHelperCap.exe
O23 - Service: @oem11.inf,%ServiceDiagsDesc%;HP Diagnostics HSA Service (HPDiagsCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\DiagsCap.exe
O23 - Service: @oem11.inf,%ServiceNetworkDesc%;HP Network HSA Service (HPNetworkCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\NetworkCap.exe
O23 - Service: @oem70.inf,%ServiceOmenDesc%;HP Omen HSA Service (HPOmenCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f70676215ebef294\x64\OmenCap.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: @oem11.inf,%ServiceSysInfoDesc%;HP System Info HSA Service (HPSysInfoCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\SysInfoCap.exe
O23 - Service: @oem80.inf,%hpanalyticscomp%;HP Analytics service (HpTouchpointAnalyticsService) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe
O23 - Service: ID19 HP Fan Control Service - Unknown owner - C:\Program Files\FanControlApp\FanControlApp.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - Unknown owner - C:\windows\System32\mracsvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProtonVPN Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service: ProtonVPN Update Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - D:\Programy\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c3f6cdb5c1120dad\RtkAudUService64.exe
O23 - Service: @oem86.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @oem87.inf,%WMSVC.DeviceDesc%;Realtek Wireless Manager Service (RtkWiFiManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkWiFiManServ.exe
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sound Research SECOMN Service (SECOMNService) - Unknown owner - C:\WINDOWS\System32\SECOMN64.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 20475 bytes

Post by jaro3 » 07 Nov 2021 15:04

Was the flash drive connected the whole time? Try scanning it with your antivirus and Malwarebytes Anti-Malware.

Close other applications and browsers, disconnect from the internet, and fix these entries in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [OMENCC_InstallationBooster] C:\system.sav\util\OMENCC_InstallationBooster.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [OMENCC_InstallationBooster] C:\system.sav\util\OMENCC_InstallationBooster.exe (User 'NETWORK SERVICE')


Download DelFix here
Additional links:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Save the file to your desktop.
Double-click the icon to launch Delfix.exe.
(On Windows Vista, Windows 7, 8 and 10 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste its entire contents here. Otherwise the report is located here:
C:\DelFix.txt

If there are no problems, that is all and you can mark the thread as solved with the green check mark.

Post by Master2016 » 07 Nov 2021 15:19

It wasn't connected. For one of them you told me to unplug everything except the keyboard and mouse.

Post by Master2016 » 07 Nov 2021 15:36

# DelFix v1.010 - Logfile created 07/11/2021 at 15:36:14
# Updated 26/04/2015 by Xplode
# Username : PC - DESKTOP-FH7OD4M
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\ladis\Desktop\AdwCleaner.exe
Deleted : C:\Users\ladis\Desktop\JRT.txt
Deleted : C:\Users\ladis\Desktop\RogueKiller_setup.exe
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #11 [JRT Pre-Junkware Removal | 11/04/2021 19:56:34]
Deleted : RP #12 [zoek.exe restore point | 11/07/2021 00:25:22]

New restore point created !

########## - EOF - ##########

Post by Master2016 » 07 Nov 2021 15:37

There are no problems, but I'd like to know whether I can somehow get the files from that flash drive back, and if so, how.

Post by jaro3 » 07 Nov 2021 17:18

Try finding one here:
https://www.google.com/search?client=op ... 8&oe=UTF-8

It's hard to say which one is better. You can start a thread in this section:
viewforum.php?f=58