C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b2d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b326.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b348.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b369.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b38a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b467.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b4e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b565.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b816.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b876.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b8d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90b926.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90badd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90bb2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90bb7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90bd64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90be22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90bedf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e2c-2be0-90c104.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd57f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd5812.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd5823.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd5835.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd5856.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd5868.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd587a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd588b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd589d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd58ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd58c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd58d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd58d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd58e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd58f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd5909.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd591a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd594b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f98-d38-dcd595d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-2898d8b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-2898f78c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-2899146c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-289920d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-289920e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-2899227c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28992906.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28992c63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28992dfc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28992e0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28992fb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-2899312e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-289932c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-289941dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28994cda.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28994fea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28995328.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-28996347.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-300-3448-289964c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b8e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b8f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b904.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b916.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b928.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b939.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b94b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b95c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b96e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b980.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b991.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b9a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b9b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b9c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b9e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7b9f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7ba2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7ba3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-31f0-1530-38b7ba4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a938e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93906.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93927.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93939.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a9395a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a9399b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a939fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93a1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93a2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93a8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93a9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93ac0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93ad2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93af3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93b05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93b26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93b47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93b68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3200-27a0-15a93b8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fc69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fc8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fc9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fcae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fccf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fce1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fcf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd39.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fd91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fda3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fdc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3294-1e1c-ad13fdd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d062cb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d062e6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d062fa5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d062ff6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d0630b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063171.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d0631f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d06333a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063416.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063467.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d0634a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063516.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d0635d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063624.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063665.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063741.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d06381e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d0638eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-32d8-c40-5d063aa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460b70f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460b9ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460ba40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460ba90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bbbb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bc78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bcb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bcda.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bd98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460be07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bf13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bf63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460bf94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460c070.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460c16c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460c259.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460c2a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460c3c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33bc-2524-6460c472.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-37290262.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372902a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372902c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372902d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372902f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-37290308.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-3729032a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-37290399.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372903ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372903fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-3729040c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-3729043d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-3729045f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-37290470.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-37290491.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372904a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372904b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-372904e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35b0-c3c-37290507.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c7fd5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c7fde9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c7fe87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c7ff16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c800ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c8016c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c801eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c802a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c80327.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c803c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c80425.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c80494.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c80542.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c8064e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c806bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c8076b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c80942.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c809d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-38d8-37e8-75c80a21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159851de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-1598520f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-15985221.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159852a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159852c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159852e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-15985303.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-15985334.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-15985356.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-15985377.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-15985388.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159853b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159853cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159853fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-1598541d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-1598543e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-159854dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-1598553c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-394-2dac-1598554e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9bcb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9bec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9c0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9c1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9c40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9c52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9c83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9c95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9cb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9cc7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9cd9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9cfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9d0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9d2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9d3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9d60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9d81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9da3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-47c-1628-91a9dc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da573e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da57418.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da57439.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5744b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5746c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da574bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da574ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5750f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da57520.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5759f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da575c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da575d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da575f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da57605.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da57617.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da57628.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5763a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5765b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-488-2a70-da5769c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a74a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7521.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a75b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7b13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7b73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7be2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7e84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7ec4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a7ef5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a8001.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a80af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a816c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a817e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a8299.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a82ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a8359.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a8416.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c0-1f78-1a8428.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a327.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a387.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a398.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a3ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a3cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a3ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a3fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a43f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a460.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a4ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a752.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a773.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a811.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a852.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a892.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a8a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a8b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a8d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-540-e7c-4d01a994.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d20b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d20d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d20e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d20fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d210b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d211d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d214e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d215f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d2161.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d2163.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d21a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d21b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d21c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d21f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d220a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d221b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d222d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d224e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5b8-16e8-d2260.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f200b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f205b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f207d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f209e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f20bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f20e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2102.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2123.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2154.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f21e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2233.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2254.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f22e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2390.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f23b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f23d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f23f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2425.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5d0-29e0-65f2465.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6aed9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6aefa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6af1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6af3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6af5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b0b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b240.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b2af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b2c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b321.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b47b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b49c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b4fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b52c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b54e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b55f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b581.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b5b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-7a8-28c6b5c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53afd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b072.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b120.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b151.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b1d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b24f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b36a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b38b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b523.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b5d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b72b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b73d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b839.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53b925.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53ba21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53ba42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53ba73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53bb40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53bc5b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53bcac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53bd79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53bd9a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53c24f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53c435.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53c81f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53ca54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53cc5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-708-2e1c-53cdf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d6b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d6e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d714.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d735.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d746.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d7b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d818.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d868.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d879.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d89b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d8eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d90c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d91e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d92f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468d950.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468dae9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468db97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-724-2efc-2468dbc7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b008cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00ba0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00bc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00be2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00c13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00c35.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00d40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00d81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00e0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00f3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b00f7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b01048.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b01192.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b011e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b01213.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b012d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b01340.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b013ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-758-8f4-b014da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613808.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613858.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-3761387a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-3761389b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-376138bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-376138dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-3761390e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-3761394f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613980.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-376139a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-376139c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-376139e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613a05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613a26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613a57.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613a78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613a8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613aba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-86c-1410-37613aeb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7004.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7035.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7056.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7077.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7099.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af70c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af70eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af70fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af711e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af712f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7150.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7162.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af723f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7260.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7272.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af7293.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af72a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af72d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8e8-237c-31af72f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb1ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb1dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb1ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb20f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb220.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb242.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb253.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb265.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb286.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb298.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb2b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb2cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb2ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb2fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb30f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb330.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb342.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb363.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-93c-7ec-64ffb375.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136541.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136553.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-513663f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136660.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136672.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136693.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-51366c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-51366d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-51366f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136708.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-513671a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-513672c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-513673d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-513674f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136761.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-513681e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136830.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-5136841.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-960-23a4-51368e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017b12.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017b82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017bb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017bd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017bf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017c71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017ca1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017cc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017ce4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017d05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017d17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017d28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-97c-1dcc-5017d98.tmp deleted
Viry, lagy Vyřešeno
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adeed8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adefb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adefd6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf017.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf1bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf1ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf211.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf251.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf3ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf40b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf41d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf45d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf4ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf5d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf609.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf61b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf64b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf69c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf70b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a98b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a98f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9908.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a992a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a994b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a996c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a997e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a999f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a99b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a99d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9a80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9aa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9ab3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9ad4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9ae5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4765.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4796.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b47a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b47b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4848.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b48f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4a42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4ab1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4ad2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4af4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4b34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4b75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4b86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4c34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4c75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4ca6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4d05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4d36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3e9e62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3e9fcb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea069.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea117.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea1f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea2a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea2d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea2f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea334.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea375.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea396.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea4d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea502.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea552.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea563.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea5b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea606.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea617.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7739e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d773bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77400.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77440.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77471.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77493.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7752b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7754c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7754e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7757f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d775a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d775a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d775c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77624.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09af78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09afa8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b0b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b0e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b116.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b166.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b187.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b199.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b1ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b1db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b25a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b26c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b27e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b2ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b39b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b4b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b4d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b4fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca196.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca496.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca822.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca8c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca9eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238caa1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238caae9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cabf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cacb2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cadae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cae4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238caf97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb064.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb0a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb1a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb28d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb2ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb446.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb5bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106814c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681530.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681542.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681554.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681565.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-1068161d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-1068163e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681779.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-1068178b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106817ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106817cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106817ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681810.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681831.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658412.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376586b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376586e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658706.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658727.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658738.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-3765875a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-3765877b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376587ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376587bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376587ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658800.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658831.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658842.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658854.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658866.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658887.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376589a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376589f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11607682.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11608ebf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11609cdb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11609fda.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160a655.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160a85a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160aa7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160af25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160b33d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160b766.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160bc69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160c218.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160c6ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160cf6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160d4ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160d683.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160da7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160e126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160ec44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c19ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c19de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c19ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1aa7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1ac8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1ada.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1afb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1bb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1bd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525581.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-52567d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-5256be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-52575c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-52579c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-5258a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525946.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-5259e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525ae1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525b21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525c0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525c5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525c9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525d1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525d6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525dae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525ddf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525f09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525f98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4683a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4684ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4685c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468627.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468648.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468725.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468775.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468881.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4688e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468911.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468990.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4689c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468a30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468aa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468ab1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468b5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468b90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468c6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468d4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2ce92f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cebc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cec30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cec71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cecc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2ced01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cedcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cee1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cee5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2ceebf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cef2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cefcd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cefee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf02e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf06f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf0bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf10f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf1ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf1fd.tmp deleted
C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted
==== Orphaned Tasks deleted from Registry ======================
Lenovo\ImController deleted
Lenovo\ImController\TimeBasedEvents deleted
==== Chromium Look ======================
Google Chrome Version: 87.0.4280.88
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dhdgffkkebhmkfjojejmpbldmpobfkfo - No path found[]
Bob Marley Tribute - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahanpmgekmileoidjopjeghlchcigafk
Chrome Media Router - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{BD73967D-B1CD-4E24-A898-6A25B7119A4C}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{BD73967D-B1CD-4E24-A898-6A25B7119A4C} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{BD73967D-B1CD-4E24-A898-6A25B7119A4C}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{BD73967D-B1CD-4E24-A898-6A25B7119A4C} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKCU\SearchScopes "DefaultScope"="{BD73967D-B1CD-4E24-A898-6A25B7119A4C}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{BD73967D-B1CD-4E24-A898-6A25B7119A4C} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
==== Reset Google Chrome ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=50 folders=1880 1881951 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 26.12.2020 at 23:58:33,61 ======================
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adefb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adefd6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf017.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf1bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf1ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf211.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf251.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf3ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf40b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf41d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf45d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf4ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf5d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf609.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf61b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf64b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf69c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a3c-79c-adf70b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a98b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a98f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9908.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a992a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a994b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a996c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a997e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a999f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a99b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a99d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9a80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9aa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9ab3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9ad4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9ae5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b68-3198-1e7a9b7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4765.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4796.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b47a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b47b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4848.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b48f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4a42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4ab1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4ad2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4af4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4b34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4b75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4b86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4c34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4c75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4ca6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4d05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b80-85c-154b4d36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3e9e62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3e9fcb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea069.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea117.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea1f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea2a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea2d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea2f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea334.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea375.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea396.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea4d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea502.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea552.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea563.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea5b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea606.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b98-2170-b3ea617.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7739e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d773bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77400.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77440.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77471.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77493.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d774fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7752b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7754c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7754e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d7757f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d775a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d775a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d775c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c0c-1ed4-21d77624.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09af78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09afa8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b0b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b0e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b116.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b166.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b187.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b199.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b1ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b1db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b25a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b26c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b27e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b2ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b39b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b4b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b4d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c18-a60-1b09b4fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca196.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca496.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca822.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca8c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238ca9eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238caa1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238caae9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cabf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cacb2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cadae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cae4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238caf97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb064.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb0a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb1a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb28d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb2ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb446.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-1c64-238cb5bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106814c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681530.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681542.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681554.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681565.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106815fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-1068161d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-1068163e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681779.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-1068178b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106817ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106817cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-106817ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681810.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-1d4c-10681831.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658412.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376586b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376586e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658706.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658727.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658738.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-3765875a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-3765877b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376587ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376587bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376587ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658800.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658831.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658842.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658854.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658866.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-37658887.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376589a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e04-322c-376589f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11607682.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11608ebf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11609cdb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-11609fda.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160a655.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160a85a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160aa7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160af25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160b33d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160b766.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160bc69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160c218.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160c6ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160cf6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160d4ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160d683.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160da7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160e126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e28-1678-1160ec44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c19ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c19de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c19ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1a96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1aa7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1ac8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1ada.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1afb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1b82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1bb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e6c-14bc-147c1bd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525581.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-52567d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-5256be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-52575c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-52579c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-5258a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525946.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-5259e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525ae1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525b21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525c0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525c5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525c9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525d1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525d6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525dae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525ddf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525f09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f84-259c-525f98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4683a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4684ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4685c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468627.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468648.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468725.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468775.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468881.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4688e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468911.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468990.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-4689c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468a30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468aa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468ab1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468b5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468b90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468c6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fb0-2774-468d4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2ce92f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cebc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cec30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cec71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cecc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2ced01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cedcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cee1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cee5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2ceebf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cef2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cefcd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cefee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf02e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf06f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf0bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf10f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf1ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ff4-fbc-2cf1fd.tmp deleted
C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted
==== Orphaned Tasks deleted from Registry ======================
Lenovo\ImController deleted
Lenovo\ImController\TimeBasedEvents deleted
==== Chromium Look ======================
Google Chrome Version: 87.0.4280.88
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dhdgffkkebhmkfjojejmpbldmpobfkfo - No path found[]
Bob Marley Tribute - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahanpmgekmileoidjopjeghlchcigafk
Chrome Media Router - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{BD73967D-B1CD-4E24-A898-6A25B7119A4C}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{BD73967D-B1CD-4E24-A898-6A25B7119A4C} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{BD73967D-B1CD-4E24-A898-6A25B7119A4C}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{BD73967D-B1CD-4E24-A898-6A25B7119A4C} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKCU\SearchScopes "DefaultScope"="{BD73967D-B1CD-4E24-A898-6A25B7119A4C}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{BD73967D-B1CD-4E24-A898-6A25B7119A4C} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
==== Reset Google Chrome ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=50 folders=1880 1881951 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 26.12.2020 at 23:58:33,61 ======================
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Informace o kontroly
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 27.12.2020 0:17:47
Typ kontroly : Inteligentní kontrola
Čas trvání : 00:01:32
Zkontrolované objekty : 1828
Zjištěné objekty : 0
Vyloučené objekty : 0
Automatické odesílání : Ano
Operační systém : Windows 10 x64
Procesor : 4X AMD A4-6210 APU with AMD Radeon R3 Graphics
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 1282D9C7DA6937DF780226
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 27.12.2020 0:17:47
Typ kontroly : Inteligentní kontrola
Čas trvání : 00:01:32
Zkontrolované objekty : 1828
Zjištěné objekty : 0
Vyloučené objekty : 0
Automatické odesílání : Ano
Operační systém : Windows 10 x64
Procesor : 4X AMD A4-6210 APU with AMD Radeon R3 Graphics
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 1282D9C7DA6937DF780226
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Fungování se výrazně zlepšilo, už se tolik neseká, načítá rychleji a celkově reaguje daleko lépe.
Jen ten Windows Update mi stále nejde, aktualizuje se to strašnou dobu, restartuje mi to ntb a je to tam znova, už asi po desátý furt to samý, pošlu screen
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:21:46, on 27.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\Users\User\Desktop\HJT\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_54a72 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Conexant UIU Service (UIUService) - Conexant Systems, Inc. - C:\WINDOWS\system32\UIUSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10608 bytes
Jen ten Windows Update mi stále nejde, aktualizuje se to strašnou dobu, restartuje mi to ntb a je to tam znova, už asi po desátý furt to samý, pošlu screen
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:21:46, on 27.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\Users\User\Desktop\HJT\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_54a72 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Conexant UIU Service (UIUService) - Conexant Systems, Inc. - C:\WINDOWS\system32\UIUSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10608 bytes
- Přílohy
-
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Viry, lagy
Máš zapnuté aktualizace?
Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Ano, automatické aktualizace mám zapnuté ale tuto stáhnu a už jí nenainstaluju. Když vypnu ntb, běží třeba přes hodinu příprava aktualizací, vypne se a poté znovu a znovu.
----------------------------------------------------------------------------
CrystalDiskInfo 8.4.1 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 18363] (x64)
Date : 2020/12/27 13:55:56
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- ST1000LM024 HN-M101MBB
- PLDS DVD-RW DA8A6SH
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2BA30001
Serial Number : S30YJ9AGA21208
Disk Size : 1000,2 GB (7,9/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 8897 hod.
Power On Count : 5607 krát
Temperature : 25 C (77 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : FE00h [OFF]
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000221 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _89 _25 0000000009A1 Čas na roztočení ploten
04 _94 _94 __0 000000001844 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000022C1 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 00000000017C Počet pokusů o překalibrování
0C _95 _95 __0 0000000015E7 Počet cyklů zapnutí zařízení
BF _99 _99 __0 0000000041D5 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000061 Počet vypnutí disku
C2 _64 _51 __0 0031000D0019 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 100 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 00000000422F Počet chyb při zápisu sektorů
DF 100 100 __0 00000000017C Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _76 _76 __0 00000003BE9D Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 000F 0000 0000 003F 0000 0000 0000
010: 5333 3059 4A39 4147 4132 3132 3038 2020 2020 2020
020: 0000 8000 0004 3242 4133 3030 3031 5354 3130 3030
030: 4C4D 3032 3420 484E 2D4D 3130 314D 4242 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0006 3FFF 000F 003F 3C4F 00EC 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F0E 0006 004C 0040
080: 01FF 0028 746B 7F29 6123 7469 BC09 6123 203F 0065
090: 0065 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 4CF2
110: 1109 5CB6 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C1A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 21 02 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5C 59 A1
020: 09 00 00 00 00 00 04 32 00 5E 5E 44 18 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 C1 22 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 64 64 7C 01 00 00 00 00 00 0C 32 00 5F 5F E7
080: 15 00 00 00 00 00 BF 22 00 63 63 D5 41 00 00 00
090: 00 00 C0 22 00 64 64 61 00 00 00 00 00 00 C2 02
0A0: 00 40 33 19 00 0D 00 31 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 FC 64 00 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 2F 42 00 00 00
0F0: 00 00 DF 32 00 64 64 7C 01 00 00 00 00 00 E1 32
100: 00 4C 4C 9D BE 03 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 38 31 00 5B
170: 03 00 01 00 02 D2 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CC
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
----------------------------------------------------------------------------
CrystalDiskInfo 8.4.1 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 18363] (x64)
Date : 2020/12/27 13:55:56
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- ST1000LM024 HN-M101MBB
- PLDS DVD-RW DA8A6SH
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2BA30001
Serial Number : S30YJ9AGA21208
Disk Size : 1000,2 GB (7,9/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 8897 hod.
Power On Count : 5607 krát
Temperature : 25 C (77 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : FE00h [OFF]
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000221 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _89 _25 0000000009A1 Čas na roztočení ploten
04 _94 _94 __0 000000001844 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000022C1 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 00000000017C Počet pokusů o překalibrování
0C _95 _95 __0 0000000015E7 Počet cyklů zapnutí zařízení
BF _99 _99 __0 0000000041D5 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000061 Počet vypnutí disku
C2 _64 _51 __0 0031000D0019 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 100 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 00000000422F Počet chyb při zápisu sektorů
DF 100 100 __0 00000000017C Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _76 _76 __0 00000003BE9D Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 000F 0000 0000 003F 0000 0000 0000
010: 5333 3059 4A39 4147 4132 3132 3038 2020 2020 2020
020: 0000 8000 0004 3242 4133 3030 3031 5354 3130 3030
030: 4C4D 3032 3420 484E 2D4D 3130 314D 4242 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0006 3FFF 000F 003F 3C4F 00EC 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F0E 0006 004C 0040
080: 01FF 0028 746B 7F29 6123 7469 BC09 6123 203F 0065
090: 0065 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 4CF2
110: 1109 5CB6 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C1A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 21 02 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5C 59 A1
020: 09 00 00 00 00 00 04 32 00 5E 5E 44 18 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 C1 22 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 64 64 7C 01 00 00 00 00 00 0C 32 00 5F 5F E7
080: 15 00 00 00 00 00 BF 22 00 63 63 D5 41 00 00 00
090: 00 00 C0 22 00 64 64 61 00 00 00 00 00 00 C2 02
0A0: 00 40 33 19 00 0D 00 31 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 FC 64 00 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 2F 42 00 00 00
0F0: 00 00 DF 32 00 64 64 7C 01 00 00 00 00 00 E1 32
100: 00 4C 4C 9D BE 03 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 38 31 00 5B
170: 03 00 01 00 02 D2 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CC
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Simona (administrator) on SIMONA-NOTEBOOK (LENOVO 80E3) (27-12-2020 14:01:26)
Running from C:\Users\User\Desktop
Loaded Profiles: Simona
Platform: Windows 10 Home Version 1909 18363.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) D:\DAEMON Tools Lite\DTShellHlp.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [409280 2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\MountPoints2: {75884dad-2765-11ea-9ca3-507b9d809398} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\WINDOWS\system32\HPM1210LM.DLL [407040 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02663826-1CC7-4840-8791-EA91716CCF53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {0C46983F-7F89-431D-848B-AAA8D67D8952} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {0C96F49E-2538-4CB9-9EBC-18234344C69A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {0DF32CB5-DBDC-4E23-8F7D-7304D764C1B4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1299F086-898D-4392-BD9A-EEBDCD6CB6BB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {2E0D1B6A-2100-4FEE-AFC9-0B20E78C8818} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {3DED5BD8-C441-49AA-AB0D-0B4449797B4B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {46C3DA6F-B770-4803-98EB-BC21FE26A3FF} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170776 2019-06-20] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
Task: {4726C7C6-A33D-472E-8DE8-D20BEDCC4425} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {4BAFB999-E9BD-49F4-A954-B209E3E585E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5355E5C4-4AED-4606-8989-3CFA25ECD471} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1815535875-2732539743-2502002951-1002 => C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {6E494DDA-AACF-4C44-ADA1-0A186F29CE61} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7071E681-056A-431F-BB18-9B50E4F04EA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7727C503-0200-48B0-A917-9DA1C0651D1B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
Task: {B1E8507A-3BC0-4E5E-B4FC-3076FCE5BC19} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {CA1B0FA0-48BB-4B03-BE94-DB752D53D478} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D102526E-FE9C-4E69-A269-DFE6BBEDAFC4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D98FC27E-414F-4A8E-940A-2D932C65F39E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECB26816-2151-48C5-A5A1-4E8E9E211BF2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2EC610D-3487-42A9-B672-B66E24C19F8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1531de3d-ed5c-4a10-a2b3-ace891322719}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-27]
CHR Extension: (Bob Marley Tribute) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahanpmgekmileoidjopjeghlchcigafk [2020-12-27]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-27]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-27]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-27]
CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-12-27]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-27]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-27]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-27]
CHR HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-07] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030592 2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-25] (Mixbyte Inc -> Freemake)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-29] (Hewlett-Packard Company -> HP)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-26] (Malwarebytes Inc -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [176928 2019-06-20] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13684792 2020-12-14] (Adlice -> )
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2019-10-05] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-26] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-26] (Malwarebytes Inc -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-01-19] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-01-14] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 14:01 - 2020-12-27 14:04 - 000021189 _____ C:\Users\User\Desktop\FRST.txt
2020-12-27 14:00 - 2020-12-27 14:03 - 000000000 ____D C:\FRST
2020-12-27 13:54 - 2020-12-27 13:54 - 002286592 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-12-27 02:11 - 2020-12-27 02:11 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-12-26 23:55 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-12-26 22:08 - 2020-12-26 23:40 - 000000000 ____D C:\zoek_backup
2020-12-26 22:07 - 2020-12-27 00:20 - 000000000 ____D C:\Users\User\AppData\Local\AMSDK
2020-12-26 22:07 - 2020-12-26 22:07 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-26 22:07 - 2020-12-26 22:07 - 000003560 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-26 22:07 - 2020-12-26 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-26 22:07 - 2020-12-26 22:07 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-26 21:03 - 2020-12-26 21:03 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B
2020-12-26 18:42 - 2020-12-26 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-26 18:42 - 2020-12-26 18:42 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-26 18:38 - 2020-12-26 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-26 18:38 - 2020-12-26 18:38 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-26 18:07 - 2020-12-26 18:07 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2020-12-26 16:09 - 2020-12-26 16:09 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±
2020-12-26 16:04 - 2020-12-26 16:04 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá›
2020-12-26 12:37 - 2020-12-26 12:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-26 12:37 - 2020-12-26 12:37 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-26 12:37 - 2020-12-26 12:36 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-26 12:37 - 2020-12-26 12:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-26 12:36 - 2020-12-26 12:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-26 12:36 - 2020-12-26 12:36 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-26 12:19 - 2020-12-26 12:27 - 000000000 ____D C:\AdwCleaner
2020-12-26 11:54 - 2020-12-27 00:21 - 000000000 ____D C:\Users\User\Desktop\HJT
2020-12-25 23:34 - 2020-12-25 23:34 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J
2020-12-25 16:38 - 2020-12-25 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-12-25 16:38 - 2020-12-25 16:38 - 000000000 ____D C:\Program Files\qBittorrent
2020-12-25 16:25 - 2020-12-25 16:25 - 000000000 ____D C:\Users\User\AppData\Roaming\Disc-Soft
2020-12-25 16:21 - 2020-12-25 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2020-12-25 16:20 - 2020-12-25 16:20 - 000000000 ____D C:\ProgramData\Disc-Soft
2020-12-25 15:45 - 2020-12-25 15:45 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w
2020-12-24 10:15 - 2020-12-24 10:15 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙iç{~
2020-12-23 12:38 - 2020-12-23 12:38 - 000000000 ____D C:\Users\User\Documents\Zoom
2020-12-23 12:37 - 2020-12-23 12:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-12-23 12:36 - 2020-12-23 12:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Zoom
2020-12-19 21:07 - 2020-12-19 22:29 - 872293806 _____ C:\Users\User\Desktop\Chraň-nás-od-zlého-(2014)-CZ-Dabing-NOVINKA.avi
2020-12-19 19:28 - 2020-12-19 19:28 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś
2020-12-19 16:54 - 2020-12-19 16:54 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬·ÄR
2020-12-19 11:32 - 2020-12-19 11:32 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D
2020-12-18 15:34 - 2020-12-18 15:34 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s
2020-12-17 20:27 - 2020-12-17 20:27 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ůĎ]Ť
2020-12-17 17:35 - 2020-12-17 17:35 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ
2020-12-17 07:39 - 2020-12-17 07:39 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X•
2020-12-17 07:39 - 2020-12-17 07:38 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-17 07:39 - 2020-12-17 07:37 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-16 17:43 - 2020-12-16 18:30 - 511522272 _____ C:\Users\User\Desktop\Ordinace v růžové zahradě 2 - 1002 - Nejlepší kámoš.mp4
2020-12-16 17:40 - 2020-12-16 17:40 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â
2020-12-15 22:17 - 2020-12-15 21:04 - 977308313 _____ C:\Users\User\Desktop\Ordinace v růžové zahradě 2-1001--Špatný vtip---17.12.2020--.mp4
2020-12-12 16:38 - 2020-12-12 16:38 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙IŹ)6
2020-12-12 14:44 - 2020-12-12 14:44 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„
2020-12-12 13:12 - 2020-12-12 13:12 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A
2020-12-11 16:12 - 2020-12-11 16:12 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ
2020-12-10 16:37 - 2020-12-10 16:37 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ
2020-12-09 17:02 - 2020-12-09 17:02 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç
2020-12-09 15:48 - 2020-12-09 15:48 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS
2020-12-07 17:23 - 2020-12-07 18:37 - 1324605070 _____ C:\Users\User\Desktop\Boj o pevninu 2016 CZ dab.avi
2020-12-07 16:45 - 2020-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK
2020-12-06 20:47 - 2020-12-06 21:30 - 764601590 _____ C:\Users\User\Desktop\The Strangers - cz dabing.avi
2020-12-06 18:09 - 2020-12-06 18:50 - 733755392 _____ C:\Users\User\Desktop\Poslední-nás-zachrání-CZ-Dabing-Komedie,Horor,USA,2015.avi
2020-12-06 17:10 - 2020-12-06 17:56 - 736144728 _____ C:\Users\User\Desktop\Nová-dcera-CZ-dabing---Thriller--Horor,-USA,-2009-(nejlepsi-filmy.mypage.cz).avi
2020-12-06 15:06 - 2020-12-06 16:06 - 951769126 _____ C:\Users\User\Desktop\Collateral Beauty Druhá šance (2016) CZ.avi
2020-12-06 11:53 - 2020-12-06 11:53 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo
2020-12-06 09:04 - 2020-12-06 09:04 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő
2020-12-03 19:17 - 2020-12-03 19:17 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ
2020-12-03 18:28 - 2020-12-03 18:28 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™
2020-12-02 18:00 - 2020-12-02 18:44 - 703891790 _____ C:\Users\User\Desktop\MASKA_CZ_Dabing_celý_film_HD(720p).mp4
2020-11-29 19:09 - 2020-11-29 19:09 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër
2020-11-29 16:49 - 2020-11-29 16:49 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s
2020-11-27 19:11 - 2020-11-27 19:11 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°
2020-11-27 14:54 - 2020-11-27 14:54 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 14:05 - 2018-01-14 22:58 - 000453475 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-27 14:05 - 2018-01-14 22:58 - 000228943 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-12-27 13:58 - 2017-08-27 15:01 - 000000000 ____D C:\Program Files\CCleaner
2020-12-27 13:53 - 2019-10-05 18:00 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{63D458F5-851E-41EC-8FE4-DA27A83D20D1}
2020-12-27 13:52 - 2017-08-27 14:59 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-27 13:51 - 2019-10-05 18:00 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-27 02:15 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 02:09 - 2019-10-05 17:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-27 01:56 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-27 01:23 - 2019-10-05 18:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 01:23 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 01:22 - 2017-08-27 19:45 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-27 00:30 - 2020-10-13 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2020-12-27 00:30 - 2018-04-08 13:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-12-27 00:30 - 2018-01-14 18:05 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-12-26 22:07 - 2018-01-14 22:58 - 000000000 ____D C:\Users\User\AppData\Local\Zemana
2020-12-26 18:44 - 2018-01-14 04:27 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-26 16:25 - 2018-10-27 19:07 - 000000000 ____D C:\Users\User\Desktop\Microsoft Windows XP Professional SP3 CZ [ 8.2013 ]
2020-12-26 12:37 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-26 12:27 - 2019-10-05 18:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-12-26 12:27 - 2015-09-18 14:40 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-12-26 12:17 - 2018-02-07 15:33 - 000000000 ____D C:\Users\User\AppData\Local\AMD
2020-12-25 17:08 - 2017-10-29 13:05 - 000000000 ____D C:\QuadcoreM2
2020-12-25 16:50 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-25 16:48 - 2019-10-05 18:00 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-25 16:38 - 2020-01-03 17:13 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2020-12-25 16:36 - 2020-03-14 21:04 - 000000000 ____D C:\Users\User\Documents\PCSX2
2020-12-25 16:28 - 2017-12-17 11:29 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-25 16:21 - 2018-10-25 13:10 - 000000590 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2020-12-25 16:21 - 2018-06-20 16:44 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2020-12-25 16:15 - 2017-10-22 16:43 - 000000000 ____D C:\Users\User\AppData\Local\Hisuite
2020-12-24 10:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-24 10:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-19 14:38 - 2020-06-06 03:37 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 14:38 - 2020-06-06 03:37 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-19 11:15 - 2019-10-05 17:37 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-19 11:15 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-19 11:15 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-17 17:02 - 2017-08-29 16:21 - 000000000 ____D C:\Users\User\Desktop\Filmy
2020-12-17 07:38 - 2020-10-13 14:40 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-17 07:38 - 2020-04-16 13:39 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-17 07:38 - 2019-01-05 15:46 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-17 07:38 - 2019-01-05 15:46 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-17 07:38 - 2018-10-24 22:35 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-17 07:38 - 2018-06-22 10:26 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-17 07:37 - 2019-01-15 15:57 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-17 07:37 - 2019-01-05 15:46 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-17 07:37 - 2018-06-06 15:56 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-17 07:37 - 2018-06-06 15:56 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-10 18:26 - 2017-08-27 15:01 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-09 17:45 - 2018-01-10 14:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 15:44 - 2017-08-27 14:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-09 15:44 - 2017-08-27 14:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-04 17:50 - 2019-10-05 18:00 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 17:50 - 2019-10-05 18:00 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 15:24 - 2017-08-29 17:35 - 000000000 ____D C:\Users\User\Desktop\Pohádky
2020-12-01 17:13 - 2020-06-06 03:37 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-01 17:13 - 2020-06-06 03:37 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by Simona (administrator) on SIMONA-NOTEBOOK (LENOVO 80E3) (27-12-2020 14:01:26)
Running from C:\Users\User\Desktop
Loaded Profiles: Simona
Platform: Windows 10 Home Version 1909 18363.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) D:\DAEMON Tools Lite\DTShellHlp.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [409280 2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\MountPoints2: {75884dad-2765-11ea-9ca3-507b9d809398} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\WINDOWS\system32\HPM1210LM.DLL [407040 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02663826-1CC7-4840-8791-EA91716CCF53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {0C46983F-7F89-431D-848B-AAA8D67D8952} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {0C96F49E-2538-4CB9-9EBC-18234344C69A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {0DF32CB5-DBDC-4E23-8F7D-7304D764C1B4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1299F086-898D-4392-BD9A-EEBDCD6CB6BB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {2E0D1B6A-2100-4FEE-AFC9-0B20E78C8818} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {3DED5BD8-C441-49AA-AB0D-0B4449797B4B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {46C3DA6F-B770-4803-98EB-BC21FE26A3FF} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170776 2019-06-20] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
Task: {4726C7C6-A33D-472E-8DE8-D20BEDCC4425} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {4BAFB999-E9BD-49F4-A954-B209E3E585E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5355E5C4-4AED-4606-8989-3CFA25ECD471} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1815535875-2732539743-2502002951-1002 => C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {6E494DDA-AACF-4C44-ADA1-0A186F29CE61} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7071E681-056A-431F-BB18-9B50E4F04EA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7727C503-0200-48B0-A917-9DA1C0651D1B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
Task: {B1E8507A-3BC0-4E5E-B4FC-3076FCE5BC19} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {CA1B0FA0-48BB-4B03-BE94-DB752D53D478} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D102526E-FE9C-4E69-A269-DFE6BBEDAFC4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D98FC27E-414F-4A8E-940A-2D932C65F39E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECB26816-2151-48C5-A5A1-4E8E9E211BF2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2EC610D-3487-42A9-B672-B66E24C19F8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1531de3d-ed5c-4a10-a2b3-ace891322719}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-27]
CHR Extension: (Bob Marley Tribute) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahanpmgekmileoidjopjeghlchcigafk [2020-12-27]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-27]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-27]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-27]
CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-12-27]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-27]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-27]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-27]
CHR HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-07] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030592 2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-25] (Mixbyte Inc -> Freemake)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-29] (Hewlett-Packard Company -> HP)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-26] (Malwarebytes Inc -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [176928 2019-06-20] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13684792 2020-12-14] (Adlice -> )
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2019-10-05] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-26] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-26] (Malwarebytes Inc -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-01-19] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-01-14] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 14:01 - 2020-12-27 14:04 - 000021189 _____ C:\Users\User\Desktop\FRST.txt
2020-12-27 14:00 - 2020-12-27 14:03 - 000000000 ____D C:\FRST
2020-12-27 13:54 - 2020-12-27 13:54 - 002286592 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-12-27 02:11 - 2020-12-27 02:11 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-12-26 23:55 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-12-26 22:08 - 2020-12-26 23:40 - 000000000 ____D C:\zoek_backup
2020-12-26 22:07 - 2020-12-27 00:20 - 000000000 ____D C:\Users\User\AppData\Local\AMSDK
2020-12-26 22:07 - 2020-12-26 22:07 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-26 22:07 - 2020-12-26 22:07 - 000003560 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-26 22:07 - 2020-12-26 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-26 22:07 - 2020-12-26 22:07 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-26 21:03 - 2020-12-26 21:03 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B
2020-12-26 18:42 - 2020-12-26 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-26 18:42 - 2020-12-26 18:42 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-26 18:38 - 2020-12-26 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-26 18:38 - 2020-12-26 18:38 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-26 18:07 - 2020-12-26 18:07 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2020-12-26 16:09 - 2020-12-26 16:09 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±
2020-12-26 16:04 - 2020-12-26 16:04 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá›
2020-12-26 12:37 - 2020-12-26 12:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-26 12:37 - 2020-12-26 12:37 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-26 12:37 - 2020-12-26 12:36 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-26 12:37 - 2020-12-26 12:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-26 12:36 - 2020-12-26 12:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-26 12:36 - 2020-12-26 12:36 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-26 12:19 - 2020-12-26 12:27 - 000000000 ____D C:\AdwCleaner
2020-12-26 11:54 - 2020-12-27 00:21 - 000000000 ____D C:\Users\User\Desktop\HJT
2020-12-25 23:34 - 2020-12-25 23:34 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J
2020-12-25 16:38 - 2020-12-25 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-12-25 16:38 - 2020-12-25 16:38 - 000000000 ____D C:\Program Files\qBittorrent
2020-12-25 16:25 - 2020-12-25 16:25 - 000000000 ____D C:\Users\User\AppData\Roaming\Disc-Soft
2020-12-25 16:21 - 2020-12-25 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2020-12-25 16:20 - 2020-12-25 16:20 - 000000000 ____D C:\ProgramData\Disc-Soft
2020-12-25 15:45 - 2020-12-25 15:45 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w
2020-12-24 10:15 - 2020-12-24 10:15 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙iç{~
2020-12-23 12:38 - 2020-12-23 12:38 - 000000000 ____D C:\Users\User\Documents\Zoom
2020-12-23 12:37 - 2020-12-23 12:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-12-23 12:36 - 2020-12-23 12:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Zoom
2020-12-19 21:07 - 2020-12-19 22:29 - 872293806 _____ C:\Users\User\Desktop\Chraň-nás-od-zlého-(2014)-CZ-Dabing-NOVINKA.avi
2020-12-19 19:28 - 2020-12-19 19:28 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś
2020-12-19 16:54 - 2020-12-19 16:54 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬·ÄR
2020-12-19 11:32 - 2020-12-19 11:32 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D
2020-12-18 15:34 - 2020-12-18 15:34 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s
2020-12-17 20:27 - 2020-12-17 20:27 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ůĎ]Ť
2020-12-17 17:35 - 2020-12-17 17:35 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ
2020-12-17 07:39 - 2020-12-17 07:39 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X•
2020-12-17 07:39 - 2020-12-17 07:38 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-17 07:39 - 2020-12-17 07:37 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-16 17:43 - 2020-12-16 18:30 - 511522272 _____ C:\Users\User\Desktop\Ordinace v růžové zahradě 2 - 1002 - Nejlepší kámoš.mp4
2020-12-16 17:40 - 2020-12-16 17:40 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â
2020-12-15 22:17 - 2020-12-15 21:04 - 977308313 _____ C:\Users\User\Desktop\Ordinace v růžové zahradě 2-1001--Špatný vtip---17.12.2020--.mp4
2020-12-12 16:38 - 2020-12-12 16:38 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙IŹ)6
2020-12-12 14:44 - 2020-12-12 14:44 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„
2020-12-12 13:12 - 2020-12-12 13:12 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A
2020-12-11 16:12 - 2020-12-11 16:12 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ
2020-12-10 16:37 - 2020-12-10 16:37 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ
2020-12-09 17:02 - 2020-12-09 17:02 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç
2020-12-09 15:48 - 2020-12-09 15:48 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS
2020-12-07 17:23 - 2020-12-07 18:37 - 1324605070 _____ C:\Users\User\Desktop\Boj o pevninu 2016 CZ dab.avi
2020-12-07 16:45 - 2020-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK
2020-12-06 20:47 - 2020-12-06 21:30 - 764601590 _____ C:\Users\User\Desktop\The Strangers - cz dabing.avi
2020-12-06 18:09 - 2020-12-06 18:50 - 733755392 _____ C:\Users\User\Desktop\Poslední-nás-zachrání-CZ-Dabing-Komedie,Horor,USA,2015.avi
2020-12-06 17:10 - 2020-12-06 17:56 - 736144728 _____ C:\Users\User\Desktop\Nová-dcera-CZ-dabing---Thriller--Horor,-USA,-2009-(nejlepsi-filmy.mypage.cz).avi
2020-12-06 15:06 - 2020-12-06 16:06 - 951769126 _____ C:\Users\User\Desktop\Collateral Beauty Druhá šance (2016) CZ.avi
2020-12-06 11:53 - 2020-12-06 11:53 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo
2020-12-06 09:04 - 2020-12-06 09:04 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő
2020-12-03 19:17 - 2020-12-03 19:17 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ
2020-12-03 18:28 - 2020-12-03 18:28 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™
2020-12-02 18:00 - 2020-12-02 18:44 - 703891790 _____ C:\Users\User\Desktop\MASKA_CZ_Dabing_celý_film_HD(720p).mp4
2020-11-29 19:09 - 2020-11-29 19:09 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër
2020-11-29 16:49 - 2020-11-29 16:49 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s
2020-11-27 19:11 - 2020-11-27 19:11 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°
2020-11-27 14:54 - 2020-11-27 14:54 - 000000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 14:05 - 2018-01-14 22:58 - 000453475 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-27 14:05 - 2018-01-14 22:58 - 000228943 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-12-27 13:58 - 2017-08-27 15:01 - 000000000 ____D C:\Program Files\CCleaner
2020-12-27 13:53 - 2019-10-05 18:00 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{63D458F5-851E-41EC-8FE4-DA27A83D20D1}
2020-12-27 13:52 - 2017-08-27 14:59 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-27 13:51 - 2019-10-05 18:00 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-27 02:15 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 02:09 - 2019-10-05 17:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-27 01:56 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-27 01:23 - 2019-10-05 18:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 01:23 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 01:22 - 2017-08-27 19:45 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-27 00:30 - 2020-10-13 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2020-12-27 00:30 - 2018-04-08 13:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-12-27 00:30 - 2018-01-14 18:05 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-12-26 22:07 - 2018-01-14 22:58 - 000000000 ____D C:\Users\User\AppData\Local\Zemana
2020-12-26 18:44 - 2018-01-14 04:27 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-26 16:25 - 2018-10-27 19:07 - 000000000 ____D C:\Users\User\Desktop\Microsoft Windows XP Professional SP3 CZ [ 8.2013 ]
2020-12-26 12:37 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-26 12:27 - 2019-10-05 18:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-12-26 12:27 - 2015-09-18 14:40 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-12-26 12:17 - 2018-02-07 15:33 - 000000000 ____D C:\Users\User\AppData\Local\AMD
2020-12-25 17:08 - 2017-10-29 13:05 - 000000000 ____D C:\QuadcoreM2
2020-12-25 16:50 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-25 16:48 - 2019-10-05 18:00 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-25 16:38 - 2020-01-03 17:13 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2020-12-25 16:36 - 2020-03-14 21:04 - 000000000 ____D C:\Users\User\Documents\PCSX2
2020-12-25 16:28 - 2017-12-17 11:29 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-25 16:21 - 2018-10-25 13:10 - 000000590 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2020-12-25 16:21 - 2018-06-20 16:44 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2020-12-25 16:15 - 2017-10-22 16:43 - 000000000 ____D C:\Users\User\AppData\Local\Hisuite
2020-12-24 10:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-24 10:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-19 14:38 - 2020-06-06 03:37 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 14:38 - 2020-06-06 03:37 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-19 11:15 - 2019-10-05 17:37 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-19 11:15 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-19 11:15 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-17 17:02 - 2017-08-29 16:21 - 000000000 ____D C:\Users\User\Desktop\Filmy
2020-12-17 07:38 - 2020-10-13 14:40 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-17 07:38 - 2020-04-16 13:39 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-17 07:38 - 2019-01-05 15:46 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-17 07:38 - 2019-01-05 15:46 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-17 07:38 - 2018-10-24 22:35 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-17 07:38 - 2018-06-22 10:26 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-17 07:38 - 2018-06-06 15:56 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-17 07:37 - 2019-01-15 15:57 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-17 07:37 - 2019-01-05 15:46 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-17 07:37 - 2018-06-06 15:56 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-17 07:37 - 2018-06-06 15:56 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-10 18:26 - 2017-08-27 15:01 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-09 17:45 - 2018-01-10 14:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 15:44 - 2017-08-27 14:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-09 15:44 - 2017-08-27 14:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-04 17:50 - 2019-10-05 18:00 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 17:50 - 2019-10-05 18:00 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 15:24 - 2017-08-29 17:35 - 000000000 ____D C:\Users\User\Desktop\Pohádky
2020-12-01 17:13 - 2020-06-06 03:37 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-01 17:13 - 2020-06-06 03:37 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Simona (27-12-2020 14:07:43)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1909 18363.720 (X64) (2019-10-05 17:02:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1815535875-2732539743-2502002951-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1815535875-2732539743-2502002951-503 - Limited - Disabled)
Guest (S-1-5-21-1815535875-2732539743-2502002951-501 - Limited - Disabled)
Simona (S-1-5-21-1815535875-2732539743-2502002951-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1815535875-2732539743-2502002951-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Any Video Converter Professional 7.0.7 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Audio Record Wizard (HKLM-x32\...\Audio Record Wizard) (Version: 7.21 - NowSmart)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Conexant Audio Filter Agent (HKLM\...\cAudioFilterAgent) (Version: 1.7.83.0 - Conexant Systems)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CrystalDiskInfo 8.4.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1567 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DolbyGUI (HKLM\...\DolbyGUI) (Version: - Conexant Systems)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
LenovoUsbDriver 1.1.13 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.13 - Lenovo)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft PowerPoint 2019 - cs-cz (HKLM\...\PowerPoint2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word 2019 - cs-cz (HKLM\...\Word2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.6.1000 - Maxthon International Limited)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
qBittorrent 4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.1 - The qBittorrent project)
QuadcoreM2 (HKLM-x32\...\{03C42CFB-61F6-4EC4-8746-F9DD1EF34B05}) (Version: 2.2.0 - Quadcore)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
RogueKiller version 14.8.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.1.0 - Adlice Software)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoom (HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => D:\DAEMON Tools Lite\dtshl64.dll [2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => D:\DAEMON Tools Lite\dtshl64.dll [2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-06-29 18:13 - 2016-06-29 18:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-08-07 06:39 - 2015-08-07 06:39 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:9341E0C6 [310]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2020-12-26 22:16 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2017-12-17 22:20 - 2017-12-17 22:20 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20170326_154143.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{78E96675-62BB-430A-9AA8-E5089AD58D2B}C:\quadcorem2\pack\core.bin] => (Allow) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [TCP Query User{8CBABD03-44BA-4966-9464-EB756233C274}C:\quadcorem2\pack\core.bin] => (Allow) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [{D490A365-5B40-481B-B6A7-7B6A81242702}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{939CDD5F-5ECF-4B02-AC04-83DF7D3E87A9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E1151F91-C1F5-42BA-B597-20FCA424EF46}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E3BE1CF2-3A24-4E67-A150-AE8C0BBE3637}] => (Allow) LPort=1688
FirewallRules: [{E1B18EA0-6743-4424-9C9A-3324C9A79C68}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{4C169921-33DA-4283-8497-8E9C2D7C4C28}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [UDP Query User{AA461098-249A-425C-8BCF-1A4C53DEBB8E}C:\quadcorem2\pack\core.bin] => (Block) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [TCP Query User{74B9DFE4-E1A6-47BE-83DF-9270BA096CAC}C:\quadcorem2\pack\core.bin] => (Block) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [{592A4090-0BCA-4E30-B363-0EFD0B65ED81}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{FAD8919D-1B7B-4FAC-9623-3A755286B96B}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4DEAD85B-A943-4FA6-A471-37329C512226}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{DF89D26B-DBF0-4EB0-9B50-635F01206DC1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{ECE73C31-811F-4F01-BEA7-608B97754E23}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B6603989-B04B-4872-8485-30EAA30EC2AF}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{15FFA0B5-61E1-40F6-B147-22C7E3970091}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0B61780D-86CB-4495-B67C-A4D3BC8D24DD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{72DDF579-CA03-4D25-86E3-A2A779A0FAB4}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
==================== Restore Points =========================
24-12-2020 10:17:37 Windows Update
26-12-2020 12:26:42 AdwCleaner_BeforeCleaning_26/12/2020_12:26:33
26-12-2020 18:45:07 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/27/2020 02:06:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:59:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7600,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 02:15:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:54:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9320,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:46:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:24:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5e0346af
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.719, časové razítko: 0x4061c730
Kód výjimky: 0xe0434352
Posun chyby: 0x00114192
ID chybujícího procesu: 0xf5c
Čas spuštění chybující aplikace: 0x01d6dbe695bf0df2
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 733b3d6a-c922-47a5-8f10-8e474fe78064
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/27/2020 01:24:06 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (12/27/2020 01:03:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2648,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 01:24:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/27/2020 01:24:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).
Error: (12/27/2020 01:24:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService64.exe neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/27/2020 01:22:49 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/27/2020 01:22:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Instalační služba modulů systému Windows se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/27/2020 12:30:40 AM) (Source: DCOM) (EventID: 10000) (User: SIMONA-NOTEBOOK)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/26/2020 11:59:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCSDK neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/26/2020 11:57:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
===================================
Date: 2020-02-26 18:27:43.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2708BFBC-54D8-4010-B560-C37325BE40BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-15 19:55:43.725
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F02DF9F3-E0D8-4CFD-8AFC-2B6E205E2A61}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-15 19:50:43.329
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68B43E57-563B-434B-B404-74DB333AD320}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-09 15:15:52.640
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive
ID: 2147728315
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\User\AppData\Local\Temp\HYD40A0.tmp.1578068077_permissionsCopy\updates\3.5.3_44494.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: SIMONA-NOTEBOOK\Simona
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.307.1967.0, AS: 1.307.1967.0, NIS: 1.307.1967.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-07 19:16:33.104
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4CE1D270-531F-4AE3-B536-545CD589320A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-08-19 17:54:51.332
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.331
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.330
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.304
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.301
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2020-12-27 13:59:53.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-12-27 13:58:33.740
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:58:25.797
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:55:06.164
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:12.885
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:12.291
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:11.693
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:09.014
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO A2CN45WW(V2.13) 08/04/2016
Motherboard: LENOVO Lancer 5B2
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 43%
Total physical RAM: 7128.26 MB
Available physical RAM: 4057.51 MB
Total Virtual: 7576.26 MB
Available Virtual: 4582.54 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:884.53 GB) (Free:579.92 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:10.83 GB) NTFS
\\?\Volume{ca53823b-9dd1-4a14-b06c-4e27393f2d0e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{42c09fca-7a0a-452b-ac37-91860c039ec1}\ (LENOVO_PART) (Fixed) (Total:19.76 GB) (Free:5.8 GB) NTFS
\\?\Volume{46db2df8-adca-4905-aa98-b458bf0abed6}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E332520)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Simona (27-12-2020 14:07:43)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1909 18363.720 (X64) (2019-10-05 17:02:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1815535875-2732539743-2502002951-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1815535875-2732539743-2502002951-503 - Limited - Disabled)
Guest (S-1-5-21-1815535875-2732539743-2502002951-501 - Limited - Disabled)
Simona (S-1-5-21-1815535875-2732539743-2502002951-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1815535875-2732539743-2502002951-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Any Video Converter Professional 7.0.7 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Audio Record Wizard (HKLM-x32\...\Audio Record Wizard) (Version: 7.21 - NowSmart)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Conexant Audio Filter Agent (HKLM\...\cAudioFilterAgent) (Version: 1.7.83.0 - Conexant Systems)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CrystalDiskInfo 8.4.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1567 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DolbyGUI (HKLM\...\DolbyGUI) (Version: - Conexant Systems)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
LenovoUsbDriver 1.1.13 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.13 - Lenovo)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft PowerPoint 2019 - cs-cz (HKLM\...\PowerPoint2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word 2019 - cs-cz (HKLM\...\Word2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.6.1000 - Maxthon International Limited)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
qBittorrent 4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.1 - The qBittorrent project)
QuadcoreM2 (HKLM-x32\...\{03C42CFB-61F6-4EC4-8746-F9DD1EF34B05}) (Version: 2.2.0 - Quadcore)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
RogueKiller version 14.8.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.1.0 - Adlice Software)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoom (HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => D:\DAEMON Tools Lite\dtshl64.dll [2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => D:\DAEMON Tools Lite\dtshl64.dll [2020-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-06-29 18:13 - 2016-06-29 18:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-08-07 06:39 - 2015-08-07 06:39 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 18:13 - 2016-06-29 18:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:9341E0C6 [310]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2020-12-26 22:16 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2017-12-17 22:20 - 2017-12-17 22:20 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20170326_154143.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{78E96675-62BB-430A-9AA8-E5089AD58D2B}C:\quadcorem2\pack\core.bin] => (Allow) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [TCP Query User{8CBABD03-44BA-4966-9464-EB756233C274}C:\quadcorem2\pack\core.bin] => (Allow) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [{D490A365-5B40-481B-B6A7-7B6A81242702}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{939CDD5F-5ECF-4B02-AC04-83DF7D3E87A9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E1151F91-C1F5-42BA-B597-20FCA424EF46}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E3BE1CF2-3A24-4E67-A150-AE8C0BBE3637}] => (Allow) LPort=1688
FirewallRules: [{E1B18EA0-6743-4424-9C9A-3324C9A79C68}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{4C169921-33DA-4283-8497-8E9C2D7C4C28}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [UDP Query User{AA461098-249A-425C-8BCF-1A4C53DEBB8E}C:\quadcorem2\pack\core.bin] => (Block) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [TCP Query User{74B9DFE4-E1A6-47BE-83DF-9270BA096CAC}C:\quadcorem2\pack\core.bin] => (Block) C:\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [{592A4090-0BCA-4E30-B363-0EFD0B65ED81}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{FAD8919D-1B7B-4FAC-9623-3A755286B96B}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4DEAD85B-A943-4FA6-A471-37329C512226}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{DF89D26B-DBF0-4EB0-9B50-635F01206DC1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{ECE73C31-811F-4F01-BEA7-608B97754E23}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B6603989-B04B-4872-8485-30EAA30EC2AF}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{15FFA0B5-61E1-40F6-B147-22C7E3970091}] => (Allow) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0B61780D-86CB-4495-B67C-A4D3BC8D24DD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{72DDF579-CA03-4D25-86E3-A2A779A0FAB4}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
==================== Restore Points =========================
24-12-2020 10:17:37 Windows Update
26-12-2020 12:26:42 AdwCleaner_BeforeCleaning_26/12/2020_12:26:33
26-12-2020 18:45:07 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/27/2020 02:06:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:59:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7600,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 02:15:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:54:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9320,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:46:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 01:24:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5e0346af
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.719, časové razítko: 0x4061c730
Kód výjimky: 0xe0434352
Posun chyby: 0x00114192
ID chybujícího procesu: 0xf5c
Čas spuštění chybující aplikace: 0x01d6dbe695bf0df2
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 733b3d6a-c922-47a5-8f10-8e474fe78064
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/27/2020 01:24:06 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (12/27/2020 01:03:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2648,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 01:24:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/27/2020 01:24:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).
Error: (12/27/2020 01:24:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService64.exe neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/27/2020 01:22:49 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/27/2020 01:22:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Instalační služba modulů systému Windows se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/27/2020 12:30:40 AM) (Source: DCOM) (EventID: 10000) (User: SIMONA-NOTEBOOK)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/26/2020 11:59:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCSDK neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/26/2020 11:57:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
===================================
Date: 2020-02-26 18:27:43.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2708BFBC-54D8-4010-B560-C37325BE40BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-15 19:55:43.725
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F02DF9F3-E0D8-4CFD-8AFC-2B6E205E2A61}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-15 19:50:43.329
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68B43E57-563B-434B-B404-74DB333AD320}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-09 15:15:52.640
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive
ID: 2147728315
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\User\AppData\Local\Temp\HYD40A0.tmp.1578068077_permissionsCopy\updates\3.5.3_44494.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: SIMONA-NOTEBOOK\Simona
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.307.1967.0, AS: 1.307.1967.0, NIS: 1.307.1967.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-07 19:16:33.104
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4CE1D270-531F-4AE3-B536-545CD589320A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-08-19 17:54:51.332
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.331
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.330
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.304
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-08-19 17:54:51.301
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1203.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2020-12-27 13:59:53.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-12-27 13:58:33.740
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:58:25.797
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:55:06.164
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:12.885
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:12.291
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:11.693
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 13:54:09.014
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO A2CN45WW(V2.13) 08/04/2016
Motherboard: LENOVO Lancer 5B2
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 43%
Total physical RAM: 7128.26 MB
Available physical RAM: 4057.51 MB
Total Virtual: 7576.26 MB
Available Virtual: 4582.54 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:884.53 GB) (Free:579.92 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:10.83 GB) NTFS
\\?\Volume{ca53823b-9dd1-4a14-b06c-4e27393f2d0e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{42c09fca-7a0a-452b-ac37-91860c039ec1}\ (LENOVO_PART) (Fixed) (Total:19.76 GB) (Free:5.8 GB) NTFS
\\?\Volume{46db2df8-adca-4905-aa98-b458bf0abed6}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E332520)
Partition: GPT.
==================== End of Addition.txt =======================
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Viry, lagy
Máš u disků nastaveno: vypínat nikdy?
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
dva antiviry Avast? Jeden zapnutý?
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Stáhni si Security Check by screen317 z některého odkazu
http://www.bleepingcomputer.com/download/securitycheck/
https://www.bleepingcomputer.com/downlo ... ritycheck/
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
dva antiviry Avast? Jeden zapnutý?
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\MountPoints2: {75884dad-2765-11ea-9ca3-507b9d809398} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02663826-1CC7-4840-8791-EA91716CCF53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:9341E0C6 [310]
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
IE trusted site: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\localhost -> localhost
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá›
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i¬ç{~
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬•ÄR
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ů¬Ď]Ť
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X•
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I¬Ź)6
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ
EmptyTemp:
End(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Stáhni si Security Check by screen317 z některého odkazu
http://www.bleepingcomputer.com/download/securitycheck/
https://www.bleepingcomputer.com/downlo ... ritycheck/
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Jeden Avast používám, nevím co tam dělá ten druhý. A kde prosím najdu to vypínání disků? Koukal jsem v možnostech napájení ale tam jsem to nenašel. Disk se mi pravděpodobně vypíná jen tehdy, pokud zavřu víko u ntb.
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Simona (27-12-2020 15:50:24) Run:1
Running from C:\Users\User\Desktop\HJT
Loaded Profiles: Simona
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\MountPoints2: {75884dad-2765-11ea-9ca3-507b9d809398} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02663826-1CC7-4840-8791-EA91716CCF53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:9341E0C6 [310]
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
IE trusted site: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\localhost -> localhost
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá›
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i¬ç{~
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬•ÄR
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ů¬Ď]Ť
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X•
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I¬Ź)6
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75884dad-2765-11ea-9ca3-507b9d809398} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{02663826-1CC7-4840-8791-EA91716CCF53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02663826-1CC7-4840-8791-EA91716CCF53}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\ProgramData\Temp => ":9341E0C6" ADS removed successfully
"HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => removed successfully
C:\WINDOWS\system32\drivers\etc\hosts.ics => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i± => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá› => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i¬ç{~" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬•ÄR" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ů¬Ď]Ť" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X• => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I¬Ź)6" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)° => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19207096 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1405792 B
Edge => 0 B
Chrome => 29701056 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 16766 B
NetworkService => 16766 B
User => 4569872 B
RecycleBin => 0 B
EmptyTemp: => 63.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:51:59 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Simona (27-12-2020 15:50:24) Run:1
Running from C:\Users\User\Desktop\HJT
Loaded Profiles: Simona
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\MountPoints2: {75884dad-2765-11ea-9ca3-507b9d809398} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02663826-1CC7-4840-8791-EA91716CCF53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
Task: {334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-27] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:9341E0C6 [310]
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
IE trusted site: HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\...\localhost -> localhost
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá›
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i¬ç{~
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬•ÄR
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ů¬Ď]Ť
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X•
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I¬Ź)6
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75884dad-2765-11ea-9ca3-507b9d809398} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{02663826-1CC7-4840-8791-EA91716CCF53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02663826-1CC7-4840-8791-EA91716CCF53}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{334E3D12-00F2-4EDD-BDA8-0B52B9B0BF87}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Google\Chrome\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\ProgramData\Temp => ":9341E0C6" ADS removed successfully
"HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKU\S-1-5-21-1815535875-2732539743-2502002951-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => removed successfully
C:\WINDOWS\system32\drivers\etc\hosts.ics => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I«76B => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i± => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«Gá› => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙鱧J => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰«o»w => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i¬ç{~" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą±o&ś => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©¬•ÄR" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ٱ˙D => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ą«7$s => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ů¬Ď]Ť" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰°ß(Ţ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)«7X• => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙y«Ý˘â => moved successfully
"C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I¬Ź)6" => not found
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é«Űş„ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ÉŞ_]A => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙é±wJ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙I®§eŘ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©®Ź]Ç => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙‰®wŢS => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y°×µK => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙Y±wŮo => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)°_“Ő => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙9®oiĚ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙©«Źp™ => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ŮŻGër => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙™Ż_‹s => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙)° => moved successfully
C:\WINDOWS\system32\˙˙˙˙˙˙˙˙i±ŹŹŘ => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19207096 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1405792 B
Edge => 0 B
Chrome => 29701056 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 16766 B
NetworkService => 16766 B
User => 4569872 B
RecycleBin => 0 B
EmptyTemp: => 63.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:51:59 ====
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
Scanner
- Level 3.5
- Příspěvky: 771
- Registrován: srpen 11
- Bydliště: Střední čechy
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Viry, lagy
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avast Antivirus
Windows Defender
Avast Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Zemana AntiMalware verze 3.2.27
Google Chrome (86.0.4240.198)
Google Chrome (87.0.4280.88)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
system32 AvastSvc.exe -?-
AVAST Software Avast aswToolsSvc.exe
AVAST Software Avast aswEngSrv.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avast Antivirus
Windows Defender
Avast Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Zemana AntiMalware verze 3.2.27
Google Chrome (86.0.4240.198)
Google Chrome (87.0.4280.88)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
system32 AvastSvc.exe -?-
AVAST Software Avast aswToolsSvc.exe
AVAST Software Avast aswEngSrv.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
When You smoke herb it reveals you to yourself. All the wickedness you do is revealed by the herb - it's you conscience and gives you an honest picture of yourself.
---------- Robert Nesta Marley ----------
---------- Robert Nesta Marley ----------
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Viry, lagy
Ovládací panely\Hardware a zvuk\Možnosti napájení\Upravit nastavení schématu
převést počítač do režimu spánku.
nezavírat víko!
dva antiviry..
co problémy?
převést počítač do režimu spánku.
nezavírat víko!
dva antiviry..
co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 10 hostů