Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:39:35, on 13.01.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.3636)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Windows\System32\PrintDisp.exe
C:\Users\Ježíšek\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Ježíšek\AppData\Roaming\uTorrent\updates\3.6.0_46984\utorrentie.exe
C:\Users\Ježíšek\AppData\Roaming\uTorrent\updates\3.6.0_46984\utorrentie.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Ježíšek\AppData\Roaming\uTorrent\helper\helper.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\SDXHelper.exe
E:\Stažené\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aliciagame.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlpack.site # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.org # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepack.games # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\120.0.2210.133\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Ježíšek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent -launchcontext=boot
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ježíšek\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ut] "C:\Users\Ježíšek\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Microsoft Edge Update] "C:\Users\Ježíšek\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\MicrosoftEdgeUpdateCore.exe"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_178D0CE1775945E4E3CACEE83D2A7923] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\System32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0395974.inf_amd64_f519c2b9e63da9b0\B395672\atiesrxx.exe
O23 - Service: Armoury Live Update (ArmouryLiveUpdate) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_7b6f10851b28f65f\ArmouryLiveUpdate.exe
O23 - Service: AsusUpdateCheck - Unknown owner - C:\WINDOWS\System32\AsusUpdateCheck.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5ff1b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) - Epic Games, Inc. - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\120.0.6099.217\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nexon Game Security Service (NGS) - NEXON Korea Corporation - C:\ProgramData\Nexon\NGS\NGService.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\WINDOWS\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14029 bytes
Prosím o kontrolu logu pc se seká Vyřešeno
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Stáhni si ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome ,Edge , tak ATF nemusíš použít.
Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
pro majitele win7 stáhni zde:
https://filehippo.com/download_adwcleaner/ ( nedávej aktualizaci!)
Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako) C:\AdwCleaner\Logs, jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/
na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož. A vlož sem.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome ,Edge , tak ATF nemusíš použít.
Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
pro majitele win7 stáhni zde:
https://filehippo.com/download_adwcleaner/ ( nedávej aktualizaci!)
Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako) C:\AdwCleaner\Logs, jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/
na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož. A vlož sem.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-13-2024
# Duration: 00:00:06
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32108
# Detected: 13
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\Users\Ježíšek\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
PUP.Optional.Restoro C:\Windows\restoro.ini
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Restoro HKCU\Software\Restoro
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
PUP.Optional.Restoro HKLM\Software\Classes\Restoro.Engine
PUP.Optional.Restoro HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
PUP.Optional.Restoro HKLM\Software\Restoro
PUP.Optional.Restoro HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-13-2024
# Duration: 00:00:06
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32108
# Detected: 13
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\Users\Ježíšek\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
PUP.Optional.Restoro C:\Windows\restoro.ini
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Restoro HKCU\Software\Restoro
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
PUP.Optional.Restoro HKLM\Software\Classes\Restoro.Engine
PUP.Optional.Restoro HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
PUP.Optional.Restoro HKLM\Software\Restoro
PUP.Optional.Restoro HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 1/13/24
Scan Time: 3:32 PM
Log File: 8a1bbfd2-b220-11ee-84c3-3c7c3f80300e.json
-Software Information-
Version: 4.6.8.311
Components Version: 1.0.2242
Update Package Version: 1.0.79602
License: Trial
-System Information-
OS: Windows 10 (Build 19045.3930)
CPU: x64
File System: NTFS
User: DESKTOP-C21IV0L\Ježíšek
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 278402
Threats Detected: 56
Threats Quarantined: 0
Time Elapsed: 1 min, 34 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 4
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Module: 4
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Registry Key: 9
PUP.Optional.Restoro, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Restoro, No Action By User, 7640, 551610, 1.0.79602, , ame, , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\Restoro, No Action By User, 7640, 551614, 1.0.79602, , ame, , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}, No Action By User, 7640, 551619, , , , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine.1, No Action By User, 7640, 551619, , , , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine, No Action By User, 7640, 551619, 1.0.79602, , ame, , ,
Trojan.Patched.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\NTFTQAYYALANNGJC_run, No Action By User, 12440, 1189151, , , , , ,
Trojan.Patched.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{624CE9C1-4848-4FF9-BA35-067D99D48BC2}, No Action By User, 12440, 1189151, , , , , ,
Trojan.Patched.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{624CE9C1-4848-4FF9-BA35-067D99D48BC2}, No Action By User, 12440, 1189151, , , , , ,
PUP.Optional.BundleInstaller, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent, No Action By User, 93, 1207888, , , , , ,
Registry Value: 2
PUP.Optional.BundleInstaller, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ut, No Action By User, 93, 1207888, , , , , ,
PUP.Optional.BundleInstaller, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|uTorrent, No Action By User, 93, 1207888, , , , , ,
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 2
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO, No Action By User, 9973, 921550, 1.0.79602, , ame, , ,
HackTool.KMSpico, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\KMSPICO, No Action By User, 9973, 921555, 1.0.79602, , ame, , ,
File: 35
PUP.Optional.Restoro, C:\WINDOWS\RESTORO.INI, No Action By User, 7640, 551609, 1.0.79602, , ame, , B73C97FB9AA7FB78A7D52E20A22A2AD4, 23F62304C123EB3729DDF78399A3E97A2BE09EA1386DCDAB753AD9C91BBFCB8B
Trojan.Patched.Generic, C:\WINDOWS\SYSTEM32\TASKS\NTFTQAYYALANNGJC_run, No Action By User, 12440, 1189151, , , , , 74CCBA422C14B9727A3460AF9551DCB5, 44F776ECFD6E34DDC4F2330D579E000E5D488BCF39D67AC11639C0C54C4B713C
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, 1.0.79602, , ame, , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk, No Action By User, 93, 1207888, , , , , CDC95104231E098D6D9C60863ADD8C8F, AF9D210AA75E0CA862BECAF3BC98B9F4D353082A1AFAC83B3DB0A7728816E6F6
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\Microsoft\Windows\Start Menu\µTorrent.lnk, No Action By User, 93, 1207888, , , , , 89A170E908270DD14FC61F227548EB18, 77D4284BC8E0BFEB5EE8F86BB5BFF6995C36A660F302C47BDE66F127BD0CF231
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\DESKTOP\µTorrent.lnk, No Action By User, 93, 1207888, , , , , DAD4FB2CCFCA98AC3B239E2FC957413B, 6140F326AA8040330ECE265E1B7CA58368DFB9105BA523888B0408C5F6BF78D2
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UTORRENT.EXE, No Action By User, 93, 1207888, 1.0.79602, , ame, , 1E93CB59D19D1F7FDA0C148E7383B59B, 1873FB64AA7167FE9EB20D29593C8FAB0D4D85B408872A11BF42EDE93ECBD335
Generic.Trojan.Malpack.DDS, C:\PROGRAMDATA\UNZIP.EXE, No Action By User, 1000002, 0, 1.0.79602, EB9443DF46003313FB29449B, dds, 02647526, 6CDB55B3AB73D33576EFC62DB69095F8, 54F610A4F9742B0CB0289077245F0A60245BB3E64E9E67F3DF547DBC23CAA3E2
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46348.EXE, No Action By User, 93, 1086270, 1.0.79602, , ame, , 600F20ABCC1FA9F5BDA0965D07B6855D, 7D89A16FC0D3AFA3CD78CC51E7AE6A81343CB14DE6FDCA9325142DECA5133515
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46096.EXE, No Action By User, 93, 1165198, 1.0.79602, , ame, , 4C958FCC0E655443553D2F6994BF0552, 2AD6315A1D1D832E2EC555E1B6BF9B51C8894F52B8999EEC8564C22540B657B2
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46514.EXE, No Action By User, 93, 1095642, 1.0.79602, , ame, , CDAE52391B92667C9FA26BE90862DC24, 081198C6B5236260AEE9B1183F96EE765E3581724D90B1C5E4484EB1755E773C
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46542.EXE, No Action By User, 93, 1104634, 1.0.79602, , ame, , 33A93C317CE7D83768BE259447B9D3DF, 74C45A5F2FFFFAD53CA82C3DAF94B5C21EF2E06BDBC2E6ECC8128124933CD6E5
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_45988.EXE, No Action By User, 93, 1123325, 1.0.79602, , ame, , 4D09FC00E24A240979951C19B6B64497, 261FCCA4A1177C03C7AFF8B3BCDBF4016C2A3DA6674E6AFB4C8A885D9784064B
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46304.EXE, No Action By User, 93, 1082103, 1.0.79602, , ame, , DC207CC725BA775FE9A5D7FD3ABBF0D1, 8CE54612B6BA168908343FC29C89C6D4CADBB05BAB38B87876FF9FB3E98B4E4E
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46682.EXE, No Action By User, 93, 1124933, 1.0.79602, , ame, , 21EA44D3A8D7CBCC07477A5C0D8795C8, 0CCF662DB06716FD3BA76CCC9178AB9AA613F41426EC69D69DDFCECC761E1A7E
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46828.EXE, No Action By User, 93, 1159036, 1.0.79602, , ame, , 1009E138A3EDEEF04EC3A0C3BDDFDF20, 962CA30406E010630CC520C1B63233C8D67CDAB34C4E389DD16CF4957B938D91
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46922.EXE, No Action By User, 93, 1194600, 1.0.79602, , ame, , 3839CF1C5D36C519D906EFB02F1CE926, A874053DF1DD29288B9F3518B8E14FE6BE99728FD86AF9FB070A02C997C87731
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46716.EXE, No Action By User, 93, 1129493, 1.0.79602, , ame, , DB5A4011B86CE680FC16120B8B2FDABA, 70D8024DBE50A74714AC6A2E316E0C3F58FE7DB94C2AC2E6CCD513759E4BD386
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46738.EXE, No Action By User, 93, 1131981, 1.0.79602, , ame, , FD42379761A5DDA477083EBFB172286B, 9A27F17D859D7F60A26030C7A0EF3698FFA0FF5FF4230963E52AB79A6A4DACDF
PUP.Optional.DotSetupIo, C:\USERS\JEžíšEK\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO8-X64.EXE, No Action By User, 10166, 1149654, 1.0.79602, , ame, , D884550A8B075167353DB3BC9118DD18, BE2C1E8B419D8F8E85FB7A4A4E6A6C908244EE9520F9657DA932C23CF7ED4DDB
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46846.EXE, No Action By User, 93, 1167217, 1.0.79602, , ame, , 7C818376F29466E72B69CD878A7DD0F4, 013023744F27EDBAF437FD0888FF1B6A3FF8F6E7241607388438B58AF76C9470
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46884.EXE, No Action By User, 93, 1171441, 1.0.79602, , ame, , 92CC8E57B8D0761F2171D36C6FC9BAC1, E9F75781B480417053533A270E0C941426BA65F32B8AAB62AAF0039B961F1228
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46200.EXE, No Action By User, 93, 1107212, 1.0.79602, , ame, , 7C4F15EA0F16F5BFD2E868D70ADED600, D91E240254EBB233F7F23FA1AFE91C12089EED919E9FF85E4CB7A8AEB04B5A51
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46674.EXE, No Action By User, 93, 1177228, 1.0.79602, , ame, , 6AB2DCB825A2EEF0023C2B606DA11E2E, 346B206A7FCB7F1E7D04E57DE8F5214218E04BC800A1114071619B508811BC7F
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46984.EXE, No Action By User, 93, 1207888, 1.0.79602, , ame, , 5C2FEB7B6272710AFD242AC8E153E020, F93BB52B7D806215F52D2ECDF1F2C6DF5CAB7152BAA930F242B12ACDBB0BA478
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46944.EXE, No Action By User, 93, 1200935, 1.0.79602, , ame, , 5E1DEE1E8D566C37B64BB363AFFF7435, E8DD74077679787C534757099879EE763215DFEA2EDF19560B0230EFA7B1476F
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\UTORRENT.EXE, No Action By User, 93, 1207888, 1.0.79602, , ame, , 1E93CB59D19D1F7FDA0C148E7383B59B, 1873FB64AA7167FE9EB20D29593C8FAB0D4D85B408872A11BF42EDE93ECBD335
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46822.EXE, No Action By User, 93, 1156615, 1.0.79602, , ame, , ADBE1E273D0A089B497729ED595762AA, 15863738C35FBED4A984569C7A49556C79D528176431FADAD0C094E069A4EF8C
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46904.EXE, No Action By User, 93, 1192101, 1.0.79602, , ame, , 078A33F16906087BCA73770103372A64, FA32892A5874E72B179E7C0F098E3EBF684BF1258497C0823D54AEC3408CE094
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46590.EXE, No Action By User, 93, 1116198, 1.0.79602, , ame, , 4B4149C544EA79ACCC7CB55015FCC0FA, 761BE1C00F156CAA8D04DB5BD0E2F7B3F12FD0B4B9F29BD4E0AF13125F2E4646
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46672.EXE, No Action By User, 93, 1170957, 1.0.79602, , ame, , 437ED8763AE1A4D9FA62F3643927CCC6, 94D24CAD6B8E158DF73247376A420291E2D954CE387E4A6665670A4E8E586EE3
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46812.EXE, No Action By User, 93, 1148570, 1.0.79602, , ame, , 8CDC1930F5F11AD16F68DAEB94C8CB17, EAE4E7436085D7A10CB8C90A75284EA9DCD9602E034F501FF36203FA74A8FCE8
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46802.EXE, No Action By User, 93, 1147950, 1.0.79602, , ame, , 5EE686EFDF016823B1C96CD871AA66B1, B8607028C5CC453A91A899F6B045D8C7BF93C9969F884A1270F5596768CBA5DB
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46902.EXE, No Action By User, 93, 1185007, 1.0.79602, , ame, , 4E322149AE25F4445FCB4D55051F8ACF, 6A2AA195B0405A3B6A881F452AF80B230AEF90E3FAF54B60D0B5B22402CD8270
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46896.EXE, No Action By User, 93, 1182208, 1.0.79602, , ame, , C6C1D1D96983F1EE5F9C29449181E6DC, 760A254C60924CE62D3B8348AAB61BECDA7EFE3F44428A3CCA64D907F1BAFA4D
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
www.malwarebytes.com
-Log Details-
Scan Date: 1/13/24
Scan Time: 3:32 PM
Log File: 8a1bbfd2-b220-11ee-84c3-3c7c3f80300e.json
-Software Information-
Version: 4.6.8.311
Components Version: 1.0.2242
Update Package Version: 1.0.79602
License: Trial
-System Information-
OS: Windows 10 (Build 19045.3930)
CPU: x64
File System: NTFS
User: DESKTOP-C21IV0L\Ježíšek
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 278402
Threats Detected: 56
Threats Quarantined: 0
Time Elapsed: 1 min, 34 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 4
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Module: 4
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, , , , , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
Registry Key: 9
PUP.Optional.Restoro, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Restoro, No Action By User, 7640, 551610, 1.0.79602, , ame, , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\Restoro, No Action By User, 7640, 551614, 1.0.79602, , ame, , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}, No Action By User, 7640, 551619, , , , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine.1, No Action By User, 7640, 551619, , , , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine, No Action By User, 7640, 551619, 1.0.79602, , ame, , ,
Trojan.Patched.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\NTFTQAYYALANNGJC_run, No Action By User, 12440, 1189151, , , , , ,
Trojan.Patched.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{624CE9C1-4848-4FF9-BA35-067D99D48BC2}, No Action By User, 12440, 1189151, , , , , ,
Trojan.Patched.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{624CE9C1-4848-4FF9-BA35-067D99D48BC2}, No Action By User, 12440, 1189151, , , , , ,
PUP.Optional.BundleInstaller, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent, No Action By User, 93, 1207888, , , , , ,
Registry Value: 2
PUP.Optional.BundleInstaller, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ut, No Action By User, 93, 1207888, , , , , ,
PUP.Optional.BundleInstaller, HKU\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|uTorrent, No Action By User, 93, 1207888, , , , , ,
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 2
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO, No Action By User, 9973, 921550, 1.0.79602, , ame, , ,
HackTool.KMSpico, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\KMSPICO, No Action By User, 9973, 921555, 1.0.79602, , ame, , ,
File: 35
PUP.Optional.Restoro, C:\WINDOWS\RESTORO.INI, No Action By User, 7640, 551609, 1.0.79602, , ame, , B73C97FB9AA7FB78A7D52E20A22A2AD4, 23F62304C123EB3729DDF78399A3E97A2BE09EA1386DCDAB753AD9C91BBFCB8B
Trojan.Patched.Generic, C:\WINDOWS\SYSTEM32\TASKS\NTFTQAYYALANNGJC_run, No Action By User, 12440, 1189151, , , , , 74CCBA422C14B9727A3460AF9551DCB5, 44F776ECFD6E34DDC4F2330D579E000E5D488BCF39D67AC11639C0C54C4B713C
Trojan.Patched.Generic, C:\USERS\JEžíšEK\APPDATA\ROAMING\ORIGIN\NUCLEUSCACHE\NTFTQAYYALANNGJC.EXE, No Action By User, 12440, 1189151, 1.0.79602, , ame, , C18A43DA1AF51D6D1EA492F0E9497DF9, 860700464AA65F93138A64C0EC165514B322C13BEA2690AC28F93FFCC7CA30CD
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk, No Action By User, 93, 1207888, , , , , CDC95104231E098D6D9C60863ADD8C8F, AF9D210AA75E0CA862BECAF3BC98B9F4D353082A1AFAC83B3DB0A7728816E6F6
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\Microsoft\Windows\Start Menu\µTorrent.lnk, No Action By User, 93, 1207888, , , , , 89A170E908270DD14FC61F227548EB18, 77D4284BC8E0BFEB5EE8F86BB5BFF6995C36A660F302C47BDE66F127BD0CF231
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\DESKTOP\µTorrent.lnk, No Action By User, 93, 1207888, , , , , DAD4FB2CCFCA98AC3B239E2FC957413B, 6140F326AA8040330ECE265E1B7CA58368DFB9105BA523888B0408C5F6BF78D2
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UTORRENT.EXE, No Action By User, 93, 1207888, 1.0.79602, , ame, , 1E93CB59D19D1F7FDA0C148E7383B59B, 1873FB64AA7167FE9EB20D29593C8FAB0D4D85B408872A11BF42EDE93ECBD335
Generic.Trojan.Malpack.DDS, C:\PROGRAMDATA\UNZIP.EXE, No Action By User, 1000002, 0, 1.0.79602, EB9443DF46003313FB29449B, dds, 02647526, 6CDB55B3AB73D33576EFC62DB69095F8, 54F610A4F9742B0CB0289077245F0A60245BB3E64E9E67F3DF547DBC23CAA3E2
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46348.EXE, No Action By User, 93, 1086270, 1.0.79602, , ame, , 600F20ABCC1FA9F5BDA0965D07B6855D, 7D89A16FC0D3AFA3CD78CC51E7AE6A81343CB14DE6FDCA9325142DECA5133515
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46096.EXE, No Action By User, 93, 1165198, 1.0.79602, , ame, , 4C958FCC0E655443553D2F6994BF0552, 2AD6315A1D1D832E2EC555E1B6BF9B51C8894F52B8999EEC8564C22540B657B2
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46514.EXE, No Action By User, 93, 1095642, 1.0.79602, , ame, , CDAE52391B92667C9FA26BE90862DC24, 081198C6B5236260AEE9B1183F96EE765E3581724D90B1C5E4484EB1755E773C
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46542.EXE, No Action By User, 93, 1104634, 1.0.79602, , ame, , 33A93C317CE7D83768BE259447B9D3DF, 74C45A5F2FFFFAD53CA82C3DAF94B5C21EF2E06BDBC2E6ECC8128124933CD6E5
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_45988.EXE, No Action By User, 93, 1123325, 1.0.79602, , ame, , 4D09FC00E24A240979951C19B6B64497, 261FCCA4A1177C03C7AFF8B3BCDBF4016C2A3DA6674E6AFB4C8A885D9784064B
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46304.EXE, No Action By User, 93, 1082103, 1.0.79602, , ame, , DC207CC725BA775FE9A5D7FD3ABBF0D1, 8CE54612B6BA168908343FC29C89C6D4CADBB05BAB38B87876FF9FB3E98B4E4E
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46682.EXE, No Action By User, 93, 1124933, 1.0.79602, , ame, , 21EA44D3A8D7CBCC07477A5C0D8795C8, 0CCF662DB06716FD3BA76CCC9178AB9AA613F41426EC69D69DDFCECC761E1A7E
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46828.EXE, No Action By User, 93, 1159036, 1.0.79602, , ame, , 1009E138A3EDEEF04EC3A0C3BDDFDF20, 962CA30406E010630CC520C1B63233C8D67CDAB34C4E389DD16CF4957B938D91
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46922.EXE, No Action By User, 93, 1194600, 1.0.79602, , ame, , 3839CF1C5D36C519D906EFB02F1CE926, A874053DF1DD29288B9F3518B8E14FE6BE99728FD86AF9FB070A02C997C87731
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46716.EXE, No Action By User, 93, 1129493, 1.0.79602, , ame, , DB5A4011B86CE680FC16120B8B2FDABA, 70D8024DBE50A74714AC6A2E316E0C3F58FE7DB94C2AC2E6CCD513759E4BD386
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46738.EXE, No Action By User, 93, 1131981, 1.0.79602, , ame, , FD42379761A5DDA477083EBFB172286B, 9A27F17D859D7F60A26030C7A0EF3698FFA0FF5FF4230963E52AB79A6A4DACDF
PUP.Optional.DotSetupIo, C:\USERS\JEžíšEK\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO8-X64.EXE, No Action By User, 10166, 1149654, 1.0.79602, , ame, , D884550A8B075167353DB3BC9118DD18, BE2C1E8B419D8F8E85FB7A4A4E6A6C908244EE9520F9657DA932C23CF7ED4DDB
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46846.EXE, No Action By User, 93, 1167217, 1.0.79602, , ame, , 7C818376F29466E72B69CD878A7DD0F4, 013023744F27EDBAF437FD0888FF1B6A3FF8F6E7241607388438B58AF76C9470
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46884.EXE, No Action By User, 93, 1171441, 1.0.79602, , ame, , 92CC8E57B8D0761F2171D36C6FC9BAC1, E9F75781B480417053533A270E0C941426BA65F32B8AAB62AAF0039B961F1228
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46200.EXE, No Action By User, 93, 1107212, 1.0.79602, , ame, , 7C4F15EA0F16F5BFD2E868D70ADED600, D91E240254EBB233F7F23FA1AFE91C12089EED919E9FF85E4CB7A8AEB04B5A51
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46674.EXE, No Action By User, 93, 1177228, 1.0.79602, , ame, , 6AB2DCB825A2EEF0023C2B606DA11E2E, 346B206A7FCB7F1E7D04E57DE8F5214218E04BC800A1114071619B508811BC7F
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46984.EXE, No Action By User, 93, 1207888, 1.0.79602, , ame, , 5C2FEB7B6272710AFD242AC8E153E020, F93BB52B7D806215F52D2ECDF1F2C6DF5CAB7152BAA930F242B12ACDBB0BA478
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46944.EXE, No Action By User, 93, 1200935, 1.0.79602, , ame, , 5E1DEE1E8D566C37B64BB363AFFF7435, E8DD74077679787C534757099879EE763215DFEA2EDF19560B0230EFA7B1476F
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\UTORRENT.EXE, No Action By User, 93, 1207888, 1.0.79602, , ame, , 1E93CB59D19D1F7FDA0C148E7383B59B, 1873FB64AA7167FE9EB20D29593C8FAB0D4D85B408872A11BF42EDE93ECBD335
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46822.EXE, No Action By User, 93, 1156615, 1.0.79602, , ame, , ADBE1E273D0A089B497729ED595762AA, 15863738C35FBED4A984569C7A49556C79D528176431FADAD0C094E069A4EF8C
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46904.EXE, No Action By User, 93, 1192101, 1.0.79602, , ame, , 078A33F16906087BCA73770103372A64, FA32892A5874E72B179E7C0F098E3EBF684BF1258497C0823D54AEC3408CE094
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46590.EXE, No Action By User, 93, 1116198, 1.0.79602, , ame, , 4B4149C544EA79ACCC7CB55015FCC0FA, 761BE1C00F156CAA8D04DB5BD0E2F7B3F12FD0B4B9F29BD4E0AF13125F2E4646
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46672.EXE, No Action By User, 93, 1170957, 1.0.79602, , ame, , 437ED8763AE1A4D9FA62F3643927CCC6, 94D24CAD6B8E158DF73247376A420291E2D954CE387E4A6665670A4E8E586EE3
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46812.EXE, No Action By User, 93, 1148570, 1.0.79602, , ame, , 8CDC1930F5F11AD16F68DAEB94C8CB17, EAE4E7436085D7A10CB8C90A75284EA9DCD9602E034F501FF36203FA74A8FCE8
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46802.EXE, No Action By User, 93, 1147950, 1.0.79602, , ame, , 5EE686EFDF016823B1C96CD871AA66B1, B8607028C5CC453A91A899F6B045D8C7BF93C9969F884A1270F5596768CBA5DB
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46902.EXE, No Action By User, 93, 1185007, 1.0.79602, , ame, , 4E322149AE25F4445FCB4D55051F8ACF, 6A2AA195B0405A3B6A881F452AF80B230AEF90E3FAF54B60D0B5B22402CD8270
PUP.Optional.BundleInstaller, C:\USERS\JEžíšEK\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46896.EXE, No Action By User, 93, 1182208, 1.0.79602, , ame, , C6C1D1D96983F1EE5F9C29449181E6DC, 760A254C60924CE62D3B8348AAB61BECDA7EFE3F44428A3CCA64D907F1BAFA4D
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Skenování“ , po prohledání klikni na „ do karantény“
Program provede opravu, po automatickém restartu klikni na Zobrazit logovací soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.
-------------
Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dlouho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
----------
. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
----------------
Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
https://www.majorgeeks.com/mg/getmirror ... ool,1.html
https://www.majorgeeks.com/mg/get/sopho ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html
Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs
----------
Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- - klikni na „Scan“. V novém okně nic neměň a klikni dole na „Start“ ve sloupci „Quick Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Results “ , v dalším okně pak levým t. na „Report“ a vyber : „Text File“ , log nazvi třeba RK a ulož do dokumentů nebo na plochu. Otevři soubor a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
klikni na „Skenování“ , po prohledání klikni na „ do karantény“
Program provede opravu, po automatickém restartu klikni na Zobrazit logovací soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.
-------------
Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dlouho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
----------
. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
----------------
Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
https://www.majorgeeks.com/mg/getmirror ... ool,1.html
https://www.majorgeeks.com/mg/get/sopho ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html
Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs
----------
Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- - klikni na „Scan“. V novém okně nic neměň a klikni dole na „Start“ ve sloupci „Quick Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Results “ , v dalším okně pak levým t. na „Report“ a vyber : „Text File“ , log nazvi třeba RK a ulož do dokumentů nebo na plochu. Otevři soubor a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 1/14/24
Scan Time: 10:25 AM
Log File: db50a496-b2be-11ee-9daf-3c7c3f80300e.json
-Software Information-
Version: 4.6.8.311
Components Version: 1.0.2242
Update Package Version: 1.0.79634
License: Trial
-System Information-
OS: Windows 10 (Build 19045.3930)
CPU: x64
File System: NTFS
User: System
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 278989
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 20 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
www.malwarebytes.com
-Log Details-
Scan Date: 1/14/24
Scan Time: 10:25 AM
Log File: db50a496-b2be-11ee-9daf-3c7c3f80300e.json
-Software Information-
Version: 4.6.8.311
Components Version: 1.0.2242
Update Package Version: 1.0.79634
License: Trial
-System Information-
OS: Windows 10 (Build 19045.3930)
CPU: x64
File System: NTFS
User: System
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 278989
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 20 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Je§ˇçek (Administrator) on 13.01.2024 at 17:13:36,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Care 365.job (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job (Task)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.01.2024 at 17:15:04,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Je§ˇçek (Administrator) on 13.01.2024 at 17:13:36,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Care 365.job (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job (Task)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.01.2024 at 17:15:04,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Program : RogueKiller Anti-Malware
Version : 15.13.1.0
x64 : Yes
Program Date : Dec 5 2023
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : Ježíšek
User is Admin : Yes
Date : 2024/01/14 12:29:15
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 7
Found items : 0
Total scanned : 963
Signatures Version : 20240111_084438
Truesight Driver : Yes
Updates Count : 0
Arguments : -minimize
************************* Warnings *************************
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
************************* Scheduled Tasks *************************
************************* Registry *************************
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A
************************* Filesystem *************************
************************* Web Browsers *************************
************************* Antirootkit *************************
Version : 15.13.1.0
x64 : Yes
Program Date : Dec 5 2023
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : Ježíšek
User is Admin : Yes
Date : 2024/01/14 12:29:15
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 7
Found items : 0
Total scanned : 963
Signatures Version : 20240111_084438
Truesight Driver : Yes
Updates Count : 0
Arguments : -minimize
************************* Warnings *************************
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
************************* Scheduled Tasks *************************
************************* Registry *************************
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A
************************* Filesystem *************************
************************* Web Browsers *************************
************************* Antirootkit *************************
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-13-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3930)
# Cleaned: 13
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Ježíšek\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\Windows\restoro.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Restoro
Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Restoro.Engine
Deleted HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
Deleted HKLM\Software\Restoro
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2514 octets] - [13/01/2024 15:29:35]
AdwCleaner[S01].txt - [2575 octets] - [13/01/2024 17:09:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-13-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3930)
# Cleaned: 13
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Ježíšek\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\Windows\restoro.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Restoro
Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Restoro.Engine
Deleted HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
Deleted HKLM\Software\Restoro
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2514 octets] - [13/01/2024 15:29:35]
AdwCleaner[S01].txt - [2575 octets] - [13/01/2024 17:09:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43061
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Sophos něco našel?
Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni zoek:
https://datoid.cz/UeeEYf/zoek1-rar
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.
Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
(posuvník dolu na download)
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat nyní“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Vykonat“ ( vymazat). Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, klikni vlevo na „zprávy“ a pak na „otevři zprávu“ a zkopíruj sem celý obsah té zprávy.
Vlož nový log z HJT + informuj o problémech
Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni zoek:
https://datoid.cz/UeeEYf/zoek1-rar
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
Kód: Vybrat vše
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.
Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
(posuvník dolu na download)
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat nyní“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Vykonat“ ( vymazat). Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, klikni vlevo na „zprávy“ a pak na „otevři zprávu“ a zkopíruj sem celý obsah té zprávy.
Vlož nový log z HJT + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
sophos nic nenašel
-
standacich
- Level 3
- Příspěvky: 514
- Registrován: říjen 12
- Bydliště: Hustopeče
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pc se seká
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Je§ˇçek on 14.01.2024 at 15:04:40,97.
Microsoft Windows 10 Pro 10.0.19045 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JEEK~1\Desktop\zoek (1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14.01.2024 15:06:05 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\InstallShield Installation Information deleted successfully
C:\PROGRA~2\IObit deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Rebellion Oxford deleted successfully
C:\Program Files\Adobe deleted successfully
C:\PROGRA~3\Gametree deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\JEEK~2\AppData\\Local deleted successfully
C:\Users\JEEK~1\AppData\Local\DBG deleted successfully
C:\Users\JEEK~1\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02D22B75-5BB7-420C-B85A-5B796E2F6539} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A95B112-75BE-49B5-807F-EA9E77EF1707} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E4E0335-664A-4003-B7C2-1F55D266084A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EB31E19-7D0E-4176-AC44-660073144F9A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26EAFD6D-2264-4833-96EF-BAA934AE9294} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2874E324-306A-428E-A725-E8A2B23FBC47} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B1A3EAB-09FF-4504-8AEF-DD4238EA782F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CE47813-98F0-46E8-AB14-1F87DC7C22A6} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E1EBB88-0C1D-4CB3-884C-A98677949B41} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{324B2968-190E-408E-83CA-14D4FB9C35BB} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33F3788F-19D8-4538-86DA-C425748B7408} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3777D773-0D3A-4B94-BAC8-176FB47F8174} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C00F1E7-7BAD-4524-93A2-CFF22F4D7541} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46E6CC52-95D2-4E26-AE18-DB9A0B019E4D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{560573A4-D9CB-4BFA-82E3-54F80B73DE82} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56099C7A-BE98-433F-8D17-4B9CE12587E4} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58580F7A-66CF-4B7D-932F-E34010BDD957} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FD693C3-59F5-4951-9166-DE9337F34289} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7122421E-DEBF-4AD1-B84B-3309B87A48C7} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73ABAEB4-08D7-48A0-8CA3-EB1D6549814F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73D10DDA-E130-4824-9FF0-B93A1C844C3F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76C14027-8D5F-4D96-8EFF-794E0E2E7725} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78620D8D-A004-44EC-B8E7-420C1D8CB035} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B963533-E205-4139-9777-7D13BB93D883} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C9339B0-4251-4133-9342-01C83F853EDD} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CA44A52-47B9-4615-A384-B3A4BA951D76} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FBBAE11-8E16-4147-8211-D675A51F6DB2} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FCCA35B-11B3-4730-AC63-B0A4DC76BB74} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85D92D3F-7F20-4BDB-98B2-65C70D35A112} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{876F83E7-E351-44A7-A4A2-F09F3F7DD037} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{920CE9E3-EA8A-46FC-B14B-B481EF4A7906} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995DB18B-772C-4016-B0CC-1AA28A718659} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99846979-30FD-453E-A427-99217EA62571} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A3529EC-40C6-4669-B54A-53A80214A248} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A3EA55A-5B4D-4C15-9010-C74D13C63A8F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2F52185-FC1B-4864-BC44-D112005EC4BC} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4E176F5-96BE-4E94-96CA-9119E683BCF7} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B884F865-CB42-4388-9C3E-BFB338701EBB} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC699C02-8C83-4D86-BC12-D404C402504A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD67B86F-FC42-4AFB-83CF-E441C559DC3D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFDAB2B2-FD03-4646-B63B-CD607228677E} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C35B47AF-2F76-4E61-9EC9-32D2F33B063B} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5F1AA3A-F0C7-459D-B631-CB250090FF32} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7B3D0C4-9640-4E67-A348-7D6410A3590D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8BBEAB6-503C-4F55-B59D-9F819A9E3C7D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB5E3614-FECE-41C8-8A1D-CAD98CE5DB6A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC9FCB86-AEEB-4E30-BDA2-D2B8A5951CE0} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD17A817-F081-4879-B679-6DEC15AF76C4} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1F70730-2C1D-4FB9-BBED-94E112EEA247} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D20D1EFB-B269-4ED2-83E6-101189AB0248} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2FDBEFD-3629-422C-8EA4-B603D8730025} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF9FB5AF-287D-49B6-964A-0928136EA5FE} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2B16410-461F-4138-B39D-7568DEA74DC2} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D6FB3-4C3D-4727-96FE-45F4E4B2FAEA} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F96C8912-708B-47E4-AD73-832E5E8A3628} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC8F5225-F250-41FA-8C2D-E03418B29E7F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99846979-30FD-453E-A427-99217EA62571} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{99846979-30FD-453E-A427-99217EA62571} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\InstallShield Installation Information not found
C:\PROGRA~2\IObit not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Rebellion Oxford not found
C:\windows\SysNative\Tasks\HP Photo Creations Communicator deleted
C:\WINDOWS\tasks\HP Photo Creations Communicator.job deleted
C:\PROGRA~3\{150F4013-6884-4350-8DDC-6BFCB4C5DC15} deleted
C:\PROGRA~3\fontcacheev1.dat deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM24F3C.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM26538.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM28C68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2B274.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C84B.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2F4B.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2FD5D.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99c61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99d2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99d4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99daf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99de0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99e40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99e51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99eb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99f5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99ffd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a06c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a09d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a0af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a0e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a101.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a113.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a124.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a136.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a157.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173aa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173aa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173aa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ab7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ab9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173acb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173acd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173acf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ae0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ae2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ae4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173af6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173af8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16aba9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2803.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2815.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2817.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2829.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e282b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e282d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e283e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2840.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2852.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2854.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2866.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2868.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e286a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e287b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e287d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e288f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2891.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e28a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e28a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226663.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226684.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226696.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226698.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-22670e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226710.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226721.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226723.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b6f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b728.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b73a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b73c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b73e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b78e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b805.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b826.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b828.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b84a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b86b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b87d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b89e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b8af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b900.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170d6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170de2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170de4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ea2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ec4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ed5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ed7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ac87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ac99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acc0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acc2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ace3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad6a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139adbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139addf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ae01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ae22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfe5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfe7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfe9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bffb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bffd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c010.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c012.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c024.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c026.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c028.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c03a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c03c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c03e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f8279f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f8281e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f8283f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82851.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82862.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82874.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82886.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82897.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f829e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82a12.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82a34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82a45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82b22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82b72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82bc2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82c51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82c82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82c93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82cc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ab6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ac8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114acc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ade.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114af1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114af3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c1ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c1fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c1fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c20f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c211.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c222.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c224.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c226.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c238.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c23a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c23c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c24e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c25f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c271.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c273.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c275.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c287.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c289.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c28b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd729.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd72b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd72d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd73f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd741.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd743.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd754.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd756.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd76a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd76c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd77e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd780.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd791.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd793.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd795.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd7a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd7a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd7ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-eda7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-eda7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-eda9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edab0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edab2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edac5.tmp deleted
Tool run by Je§ˇçek on 14.01.2024 at 15:04:40,97.
Microsoft Windows 10 Pro 10.0.19045 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JEEK~1\Desktop\zoek (1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14.01.2024 15:06:05 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\InstallShield Installation Information deleted successfully
C:\PROGRA~2\IObit deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Rebellion Oxford deleted successfully
C:\Program Files\Adobe deleted successfully
C:\PROGRA~3\Gametree deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\JEEK~2\AppData\\Local deleted successfully
C:\Users\JEEK~1\AppData\Local\DBG deleted successfully
C:\Users\JEEK~1\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02D22B75-5BB7-420C-B85A-5B796E2F6539} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A95B112-75BE-49B5-807F-EA9E77EF1707} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E4E0335-664A-4003-B7C2-1F55D266084A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EB31E19-7D0E-4176-AC44-660073144F9A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26EAFD6D-2264-4833-96EF-BAA934AE9294} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2874E324-306A-428E-A725-E8A2B23FBC47} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B1A3EAB-09FF-4504-8AEF-DD4238EA782F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CE47813-98F0-46E8-AB14-1F87DC7C22A6} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E1EBB88-0C1D-4CB3-884C-A98677949B41} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{324B2968-190E-408E-83CA-14D4FB9C35BB} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33F3788F-19D8-4538-86DA-C425748B7408} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3777D773-0D3A-4B94-BAC8-176FB47F8174} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C00F1E7-7BAD-4524-93A2-CFF22F4D7541} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46E6CC52-95D2-4E26-AE18-DB9A0B019E4D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{560573A4-D9CB-4BFA-82E3-54F80B73DE82} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56099C7A-BE98-433F-8D17-4B9CE12587E4} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58580F7A-66CF-4B7D-932F-E34010BDD957} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FD693C3-59F5-4951-9166-DE9337F34289} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7122421E-DEBF-4AD1-B84B-3309B87A48C7} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73ABAEB4-08D7-48A0-8CA3-EB1D6549814F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73D10DDA-E130-4824-9FF0-B93A1C844C3F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76C14027-8D5F-4D96-8EFF-794E0E2E7725} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78620D8D-A004-44EC-B8E7-420C1D8CB035} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B963533-E205-4139-9777-7D13BB93D883} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C9339B0-4251-4133-9342-01C83F853EDD} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CA44A52-47B9-4615-A384-B3A4BA951D76} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FBBAE11-8E16-4147-8211-D675A51F6DB2} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FCCA35B-11B3-4730-AC63-B0A4DC76BB74} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85D92D3F-7F20-4BDB-98B2-65C70D35A112} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{876F83E7-E351-44A7-A4A2-F09F3F7DD037} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{920CE9E3-EA8A-46FC-B14B-B481EF4A7906} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995DB18B-772C-4016-B0CC-1AA28A718659} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99846979-30FD-453E-A427-99217EA62571} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A3529EC-40C6-4669-B54A-53A80214A248} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A3EA55A-5B4D-4C15-9010-C74D13C63A8F} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2F52185-FC1B-4864-BC44-D112005EC4BC} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4E176F5-96BE-4E94-96CA-9119E683BCF7} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B884F865-CB42-4388-9C3E-BFB338701EBB} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC699C02-8C83-4D86-BC12-D404C402504A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD67B86F-FC42-4AFB-83CF-E441C559DC3D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFDAB2B2-FD03-4646-B63B-CD607228677E} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C35B47AF-2F76-4E61-9EC9-32D2F33B063B} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5F1AA3A-F0C7-459D-B631-CB250090FF32} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7B3D0C4-9640-4E67-A348-7D6410A3590D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8BBEAB6-503C-4F55-B59D-9F819A9E3C7D} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB5E3614-FECE-41C8-8A1D-CAD98CE5DB6A} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC9FCB86-AEEB-4E30-BDA2-D2B8A5951CE0} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD17A817-F081-4879-B679-6DEC15AF76C4} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1F70730-2C1D-4FB9-BBED-94E112EEA247} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D20D1EFB-B269-4ED2-83E6-101189AB0248} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2FDBEFD-3629-422C-8EA4-B603D8730025} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF9FB5AF-287D-49B6-964A-0928136EA5FE} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2B16410-461F-4138-B39D-7568DEA74DC2} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D6FB3-4C3D-4727-96FE-45F4E4B2FAEA} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F96C8912-708B-47E4-AD73-832E5E8A3628} deleted successfully
HKEY_USERS\S-1-5-21-1281406962-3314162763-874290966-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC8F5225-F250-41FA-8C2D-E03418B29E7F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99846979-30FD-453E-A427-99217EA62571} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{99846979-30FD-453E-A427-99217EA62571} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\InstallShield Installation Information not found
C:\PROGRA~2\IObit not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Rebellion Oxford not found
C:\windows\SysNative\Tasks\HP Photo Creations Communicator deleted
C:\WINDOWS\tasks\HP Photo Creations Communicator.job deleted
C:\PROGRA~3\{150F4013-6884-4350-8DDC-6BFCB4C5DC15} deleted
C:\PROGRA~3\fontcacheev1.dat deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM24F3C.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM26538.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM28C68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2B274.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C84B.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2F4B.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2FD5D.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99c61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99d2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99d4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99daf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99de0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99e40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99e51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99eb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99f5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-99ffd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a06c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a09d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a0af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a0e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a101.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a113.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a124.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a136.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1034-b8c-9a157.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173a90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173aa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173aa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173aa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ab7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ab9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173acb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173acd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173acf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ae0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ae2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173ae4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173af6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-104-225c-173af8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16ab97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1048-3374-16aba9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2803.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2815.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2817.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2829.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e282b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e282d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e283e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2840.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2852.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2854.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2866.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2868.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e286a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e287b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e287d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e288f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e2891.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e28a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1050-3018-e28a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226663.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226684.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226696.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226698.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-2266fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-22670e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226710.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226721.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-107c-2038-226723.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b6f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b728.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b73a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b73c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b73e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b78e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b7e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b805.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b826.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b828.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b84a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b86b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b87d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b89e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b8af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-108-1258-84b900.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170d6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170dd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170de2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170de4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170e91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ea2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ec4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ed5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1090-2f80-170ed7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ac87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ac99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acc0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acc2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ace3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139acf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad6a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ad9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139adbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139addf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ae01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10b4-27d4-139ae22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfe5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfe7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfe9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bffb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bffd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12bfff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c010.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c012.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c024.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c026.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c028.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c03a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c03c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10f4-1148-12c03e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f8279f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f8281e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f8283f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82851.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82862.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82874.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82886.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82897.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f829e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82a12.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82a34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82a45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82b22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82b72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82bc2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82c51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82c82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82c93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1130-1e0c-4f82cc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114a9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ab6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ac8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114acc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114ade.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114aef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114af1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114af3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11a0-4f4-114b59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c1ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c1fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c1fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c20f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c211.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c222.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c224.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c226.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c238.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c23a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c23c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c24e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c25f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c271.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c273.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c275.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c287.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c289.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11b8-2300-13c28b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd729.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd72b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd72d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd73f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd741.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd743.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd754.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd756.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd76a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd76c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd77e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd780.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd791.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd793.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd795.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd7a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd7a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11cc-242c-cd7ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-eda7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-eda7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-eda9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edab0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edab2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11f0-d54-edac5.tmp deleted
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 44 hostů