Prosím o kontrolu logu Vyřešeno

[nancy]

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  23.10.2023 21:53:26
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:15
Zkontrolované objekty    :  2021
Zjištěné objekty    :  0
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  8X Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  142904A814292F4CE93652

[Reklama]

[nancy]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:59, on 23.10.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.3570)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(GenericMessagingAddin).exe
D:\Naďa\Documents\Dokumenty\Počítač_bezpečnost\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 94.136.157.85
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Naďa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Naďa\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_4944CC74D2433D6B1FA01F9289069143] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Business Console Client Antivirus Service - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\bccavsvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service: AVG Tools - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: AVG Business Console Client (avgBcc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\bcc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4b31d9b38e2bb506\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_cbd64 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem65.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Dolby Laboratories - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem18.inf,%ServiceDisplayName%;Intel(R) Dynamic Tuning service (esifsvc) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
O23 - Service: ELAN Service (ETDService) - Unknown owner - C:\Windows\System32\ETDService.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\Windows\System32\FMService64.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\118.0.5993.89\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe
O23 - Service: @oem0.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @oem63.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service: @oem63.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\Windows\system32\cAVS\IAS\IntelAudioService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo - C:\Program Files (x86)\Lenovo\VantageService\\3.13.72.0\LenovoVantageService.exe
O23 - Service: @oem0.inf,%LNBITS.SVCDESC%;Lenovo Notebook ITS Service (LITSSVC) - Unknown owner - C:\Windows\System32\LNBITSSvc.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oem67.inf,%RstMwService.ServiceName%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @oem83.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\Windows\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13902 bytes

[nancy]

ZOEK má 300 tisíc znaků, co s tím?

Zdá se, že se nezobrazuje hláška o stahování při uzavření prohlížeče...

[jaro3]

Ccleaner proveden?
Jaký používáš prohlížeč? Navol si v prohlížeči "nastavení" nebo rovnou "Stahování" a tam uvidíš ty soubory , které nebyly staženy. Ty pak odstraň.

[nancy]

Ano, Cclener proveden, používám běžně.
Momentálně používám Edge.
Mrknu na stahované... odstraněno.
Log Zoek už nemusím vkládat?


edit.: Zemana mi detekoval trojana SecurityHealthHost.exe, neumím na netu zjistit, zda je opravdu trojan nebo ne a neorientuju se v problematice.
Nejde zapnout firewall u doménové sítě, vždy, když to zapnu, vyskočí varování Zemana o trojanovi a vypne se. V karanténě jej odstraním a pořád se to opakuje - znova naskočí varování, v System 32 jsem soubor našla, ale jak jsem už napsala, nevím, zda tam patří a kdyby ne, nevím, jak jej odstranit.

[jaro3]

SecurityHealthHost.exe by měla být součaást windows. Pokud si nejsi jista:
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na https://www.virustotal.com/#/home/uploadVirustotal
SecurityHealthHost.exe ( umístění snad znáš).
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

https://www.virustotal.com/#/home/upload

Poté:
V možnostech složky si zakaž zobrazování skrytých souborů a složek+ dej zatržítko skrýt chráněné soubory operačního systému

[nancy]

Detekce je OK, (Virustotal občas využívám).
Snad by to mohlo být vše. Ještě chvíli nechám téma otevřené, kdyby náhodou něco zlobilo.
Děkuju za pomoc a za čas, strávený u mého příspěvku. Určitě zase pošlu příspěvek...
Dobrou noc.


Security vendors' analysis
Do you want to automate checks?
Acronis (Static ML)
Undetected
AhnLab-V3
Undetected
Alibaba
Undetected
ALYac
Undetected
Antiy-AVL
Undetected
Arcabit
Undetected
Avast
Undetected
AVG
Undetected
Avira (no cloud)
Undetected
Baidu
Undetected
BitDefender
Undetected
BitDefenderTheta
Undetected
Bkav Pro
Undetected
ClamAV
Undetected
CMC
Undetected
CrowdStrike Falcon
Undetected
Cybereason
Undetected
Cylance
Undetected
Cynet
Undetected
DeepInstinct
Undetected
DrWeb
Undetected
Elastic
Undetected
Emsisoft
Undetected
eScan
Undetected
ESET-NOD32
Undetected
F-Secure
Undetected
Fortinet
Undetected
GData
Undetected
Google
Undetected
Gridinsoft (no cloud)
Undetected
Ikarus
Undetected
Jiangmin
Undetected
K7AntiVirus
Undetected
K7GW
Undetected
Kaspersky
Undetected
Kingsoft
Undetected
Lionic
Undetected
Malwarebytes
Undetected
MAX
Undetected
MaxSecure
Undetected
McAfee
Undetected
Microsoft
Undetected
NANO-Antivirus
Undetected
Palo Alto Networks
Undetected
Panda
Undetected
QuickHeal
Undetected
Rising
Undetected
Sangfor Engine Zero
Undetected
SecureAge
Undetected
SentinelOne (Static ML)
Undetected
Skyhigh (SWG)
Undetected
Sophos
Undetected
SUPERAntiSpyware
Undetected
Symantec
Undetected
TACHYON
Undetected
TEHTRIS
Undetected
Tencent
Undetected
Trapmine
Undetected
Trellix (FireEye)
Undetected
TrendMicro
Undetected
TrendMicro-HouseCall
Undetected
Varist
Undetected
VBA32
Undetected
VIPRE
Undetected
VirIT
Undetected
ViRobot
Undetected
Webroot
Undetected
Xcitium
Undetected
Yandex
Undetected
Zillya
Undetected
ZoneAlarm by Check Point
Undetected
Zoner
Undetected
Avast-Mobile
Unable to process file type
BitDefenderFalx
Unable to process file type
Symantec Mobile Insight
Unable to process file type
Trustlook
Unable to process file type

[jaro3]

OK , programy na čištění odstraníme potom pomocí DelFixu.

[nancy]

Dobře, právě jsem se na to chtěla zeptat.

[jaro3]

Stáhni si zde DelFix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Ohledně podpory fóra viz SZ. Děkujeme!

[nancy]

# DelFix v1.010 - Logfile created 25/10/2023 at 11:51:25
# Updated 26/04/2015 by Xplode
# Username : Naďa - LAPTOP-U3B2LL19
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Naďa\Desktop\JRT.exe
Deleted : C:\Users\Naďa\Desktop\JRT.txt
Deleted : C:\Users\Naďa\Desktop\RogueKiller_setup.exe
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #80 [Naplánovaný kontrolní bod | 10/22/2023 09:33:11]
Deleted : RP #81 [AdwCleaner_BeforeCleaning_23/10/2023_18:09:34 | 10/23/2023 16:09:35]
Deleted : RP #82 [JRT Pre-Junkware Removal | 10/23/2023 16:20:16]
Deleted : RP #83 [Installed Sophos Virus Removal Tool. | 10/23/2023 16:34:05]
Deleted : RP #84 [zoek.exe restore point | 10/23/2023 19:20:51]

New restore point created !

########## - EOF - ##########

[nancy]

Po restartu vidím v procesech pracovat na pozadí Anti-Malware Scan and Removal (Rogue Killer), také jej vidím v Odinstalovat programy, včetně Sophos, Zemana, CrystalDiskInfo a Temp File Cleaner.
Co s tím? Normálně odinstalovat?