Kontrola logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Kontrola logu  Vyřešeno

Příspěvekod bindex » 07 úno 2021 15:35

Zdravím, poprosil bych o kontrolu logu. Děkuji moc.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:44, on 07.02.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\LUKY\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Stažené soubory\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.63\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LUKY\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A9321CDF486E5BA36857AF267B400A21] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Spotify] C:\Users\LUKY\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "E:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EpicGamesLauncher] "E:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [GogGalaxy] E:\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [btweb] "C:\Users\LUKY\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [Lync] "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [Discord] C:\Users\LUKY\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Bitdefender Anti-tracker - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AfVpnService - AnchorFree Inc. - C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ARMOURY CRATE Service (ArmouryCrateService) - ASUSTeK COMPUTER INC. - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe
O23 - Service: Služba Aktualizace ASUS (asus) (asus) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
O23 - Service: AsusCertService - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.77\AsusFanControlService.exe
O23 - Service: Služba Aktualizace ASUS (asusm) (asusm) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
O23 - Service: AsusUpdateCheck - Unknown owner - C:\Windows\System32\AsusUpdateCheck.exe (file missing)
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender Protected Service (BDProtSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: služba Bitdefender Vpn (BdVpnService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_599765 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: GalaxyClientService - GOG.com - E:\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\LightingService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d67c20d727d4578c\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Bitdefender Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: ROG Live Service - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: VPNU WireGuard Tunnel Client: VPNUWireguard (WireGuardTunnel$VPNUWireguard) - Unknown owner - D:\Programy\VPN Unlimited\WireVPNUImpl.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15696 bytes



Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41431
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod jaro3 » 07 úno 2021 17:00

Odinstaluj:
Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.

Stáhni si ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
pro majitele win7 stáhni zde:
https://filehippo.com/download_adwcleaner/ ( nedávej aktualizaci!)

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/

na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 07 úno 2021 20:42

Zdravím,

Lavasoft odinstalovaný.

ATF Cleaner jsem nepoužil, protože využívám pouze Google Chrome

TFC použito.




Výpis z AdwCleaneru zde:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-07-2021
# Duration: 00:00:32
# OS: Windows 10 Pro
# Scanned: 31837
# Detected: 14


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy azlyrics.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########



Výpis z Malwarebytes zde:


Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 07.02.21
Čas skenování: 20:36
Logovací soubor: bd2e02d6-697b-11eb-866f-d45d6455e7a1.json

-Informace o softwaru-
Verze: 4.3.0.98
Verze komponentů: 1.0.1157
Aktualizovat verzi balíku komponent: 1.0.36817
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19041.746)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-N07T93B\LUKY

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 309053
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 57 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41431
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod jaro3 » 07 úno 2021 22:21

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Skenování“ , po prohledání klikni na „ do karantény

Program provede opravu, po automatickém restartu klikni na „Log soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 00:00

Jsem zpět.


AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-07-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 13
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted azlyrics.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2748 octets] - [07/02/2021 20:32:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 00:01

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by LUKY (Administrator) on 07.02.2021 at 23:19:03,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4

Successfully deleted: C:\Windows\system32\Tasks\update-S-1-5-21-2654596654-1640848676-1630762871-1001 (Task)
Successfully deleted: C:\Windows\system32\Tasks\update-sys (Task)
Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-2654596654-1640848676-1630762871-1001.job (Task)
Successfully deleted: C:\Windows\Tasks\update-sys.job (Task)



Registry: 5

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_A9321CDF486E5BA36857AF267B400A21 (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.02.2021 at 23:20:23,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 00:01

RogueKiller:

RogueKiller Anti-Malware V14.8.4.0 (x64) [Jan 13 2021] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19042) 64 bits
Started in : Normal mode
User : LUKY [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210203_130952, Driver : Loaded
Mode : Custom Scan, Scan -- Date : 2021/02/07 23:49:11 (Duration : 00:06:48)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Tr.Gen (Malicious)] \ContentManagement -- %appdata%\Unarchiver\Unarchiver.exe -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Tr.Gen (Malicious)] (folder) Unarchiver -- C:\Users\LUKY\AppData\Roaming\Unarchiver -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41431
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod jaro3 » 08 úno 2021 16:41

Sophos něco našel?

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
https://uloz.to/file/nFH1LwSrGioP/zoek1-rar

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vlož nový log z HJT + informuj o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 19:06

Sophos včera nic nenašel.

Nevím, jak sem vložit ten RogueKiller log. Nemám texťák a dostupný je pouze JSON soubor.

Jinak vkládám ostatní.


Zoek:

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by LUKY on 08.02.2021 at 18:13:28,46.
Microsoft Windows 10 Pro 10.0.19042 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\LUKY\Desktop\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2021-02-08-165809.log 1297 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Avira deleted successfully
C:\PROGRA~2\embedded deleted successfully
C:\PROGRA~2\{app} deleted successfully
C:\PROGRA~2\{code_GetAppDir} deleted successfully
C:\PROGRA~2\{code_GetSharedVstDir} deleted successfully
C:\PROGRA~2\{man} deleted successfully
C:\PROGRA~2\{tmp} deleted successfully
C:\PROGRA~3\48C4687D-9760-4F5B-BAB3-60351B0841E4 deleted successfully
C:\PROGRA~3\Avira deleted successfully
C:\PROGRA~3\dbg deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\LUKY\AppData\Local\GHISLER deleted successfully
C:\Users\LUKY\AppData\Local\ImageMagick deleted successfully
C:\Users\LUKY\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WireGuardTunnel$VPNUWireguard deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Avira not found
C:\PROGRA~2\embedded not found
C:\PROGRA~2\{app} not found
C:\PROGRA~2\{code_GetAppDir} not found
C:\PROGRA~2\{code_GetSharedVstDir} not found
C:\PROGRA~2\{man} not found
C:\PROGRA~2\{tmp} not found
C:\PROGRA~3\48C4687D-9760-4F5B-BAB3-60351B0841E4 not found
C:\Users\LUKY\AppData\Roaming\discord deleted
C:\Users\LUKY\AppData\Roaming\HearthstoneDeckTracker deleted
C:\Users\LUKY\AppData\Roaming\Synthesia deleted
C:\Users\LUKY\AppData\Roaming\msregsvv.dll deleted
C:\PROGRA~3\SoundToys_Problem_Log.txt deleted
C:\PROGRA~3\{450D0D40-B9B8-46E9-8BA2-6CD8A1704EAB} deleted
C:\PROGRA~3\{4FCEED6C-B7D3-485B-A843-C3DBD468BF17} deleted
C:\PROGRA~3\{9380734D-6F66-4F76-A7D3-6D117FAA4773} deleted
C:\PROGRA~3\{98529CCC-D431-4B85-965E-E98139A4FACD} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\LUKY\AppData\Local\updater.log deleted
C:\Users\LUKY\AppData\Local\cache deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM21F3F.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM23FF3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tpm-2524-118-7d4bd7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2e9fe7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2e9ff9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2e9ffb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea00c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea00e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea020.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea022.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea034.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea036.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea047.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea069.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea07a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea08c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea08e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea09f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea0a1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea0b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea0b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10c-904-2ea0b7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dde2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dde4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dde6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78de17.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78de39.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78de5a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78de7b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78de9c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78deae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78deb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78deb2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dec4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dec6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dec8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78ded9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dedb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78dedd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78deef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-2544-78def1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a82be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a82df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a82e1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a82f3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a82f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8316.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8318.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a832a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a832c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a832e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a833f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8341.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8382.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8393.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8395.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a8397.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a83a9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a83ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1184-356c-2a83ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e37564.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e37576.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e37588.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e3758a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375af.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375d0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375e4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e375f7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e37609.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e3762a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e3762c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e3762e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e37650.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e37661.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1290-a88-3e376a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-99427e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-99427e4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942805.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942826.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942867.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942878.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-994289a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-99428bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-99428fb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-994290d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-994294e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-994297e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942990.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-99429b1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-99429c3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942a90.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942ab1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942ac3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1328-3ca8-9942b23.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378aaf4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378aaf6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378aaf8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab09.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab0b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab1d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab31.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab33.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab35.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab48.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab5a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab70.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab72.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-15b8-28f8-378ab85.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b58.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b5a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b6d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b6f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b81.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6b85.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6ba6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bb8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bcb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bcd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bcf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6be1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6be3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bf5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db0-1e28-5d6bf7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387423.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387435.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387437.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387449.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38744b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38744d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38745e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387460.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387462.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387474.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387476.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-387478.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38748a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38748c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38748e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-38749f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-3874a1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-3874a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1db4-3dfc-3874a5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4ad4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4ae5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4af7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4af9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4afb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4afd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4aff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b11.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b13.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b15.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b17.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b19.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b1b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b2c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b2e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b30.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b32.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b48.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b4a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b4c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b4e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b50.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b62.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b64.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b7b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b7d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b7f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b81.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b95.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b99.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b9b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4b9d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4bae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4bb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4bb2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4bc4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2524-118-7d4bd6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861af4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861af6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b07.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b09.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b0b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b1d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b21.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b33.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b35.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b37.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b39.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b5a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b5e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b60.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b72.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b74.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b76.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b78.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b7a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b8b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b8d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b8f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861b91.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861ba3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861ba5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861ba7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861ba9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bbc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bc0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bd2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bd4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bd6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bd8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bea.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bec.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861bff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861c01.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2900-4288-2861c03.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae33.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae35.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae47.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae59.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae5b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae70.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae82.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae84.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae95.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9ae97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aea9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aeab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aebd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aebf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aed0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aee2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2b1c-30c0-9aee4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-11778c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-11778e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177a4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177b7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177cb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177cd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177e1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177e3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177f6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-1177f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-11780a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-11780c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2bc0-1b7c-11781e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f62f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f631.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f633.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f645.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f657.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f668.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f66a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f67c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f68e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f690.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6a1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6a5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6b7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6ca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6cc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2cd4-26d0-22f6e0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001ae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001c2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001d3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001e5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001e7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-5001fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-50020c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-50021e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-500220.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-500251.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-500253.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-500264.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-500266.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-500278.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-50027a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-50028b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2f18-3408-50028d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9afca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9afcc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9afdd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9afdf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9afe1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9afe3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9aff5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9aff7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9aff9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b00a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b00c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b01e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b020.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b022.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b034.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b036.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b038.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b03a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3004-217c-9b04b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd65d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd65f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd661.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd673.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd675.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd677.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd689.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd68b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd68d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd69e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6b4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6b8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6ca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6cc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-30ac-3fa8-2dd6df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96246.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96248.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96259.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-9625b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-9625d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-9626f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96271.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96273.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96285.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96287.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-96289.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-9629a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-9629c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-9629e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-962b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-962b2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-962b4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-962c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-314c-3de0-962c8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451c2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451d7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451db.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451ed.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-23451f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-2345203.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-2345205.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-2345207.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-2345218.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-234522a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-234522c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-234523e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-2345240.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3204-30c4-2345251.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f80.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f82.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f84.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f86.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f88.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f9a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33f9c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33faf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fb1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fb3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fc5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fe6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fe8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3474-1f10-1d33fea.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a2c9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a2db.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a2dd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a2ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a2f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a302.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a314.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a326.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a328.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a32a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a33b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a34d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a34f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a360.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a362.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a374.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a376.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a388.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-348-fe8-9a38a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2005.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2017.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2038.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b204a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b204c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b205d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b205f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2061.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2073.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2075.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2077.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b2089.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b208b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b208d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b208f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b20a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b20a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b20a4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3494-37c8-1b20b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d47.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d59.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d5b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d70.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d72.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d74.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7d96.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7da7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7db9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7dca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7ddc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7dee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7dff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7e01.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7e13.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7e34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3518-3504-2f7e46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dba4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dba6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dba8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbbc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbcf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbd1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbd3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbe5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbe7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbe9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbeb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbfc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dbfe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dc00.tmp deleted
Naposledy upravil(a) bindex dne 08 úno 2021 19:07, celkem upraveno 1 x.

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 19:06

Zoek druhá část:

C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dc12.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dc14.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-367c-273c-25dc16.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d42.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d44.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d58.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d7f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206d91.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206da3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206da5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206db6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206dc8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206dca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206dcc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206ddd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206ddf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206df1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3930-2b6c-206e03.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1b8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1ba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1d0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1d2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e1f7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e209.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e20b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e20d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e20f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e211.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e222.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e224.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e226.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-395c-3950-13e228.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6ce7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6ce9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6cfa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6cfc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6cfe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d10.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d12.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d14.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d25.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d27.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d29.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d2b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d3d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d4f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d51.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d62.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d64.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d76.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3aa0-42e8-7f6d78.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-9019b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-9019d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-9019e6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-9019e8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-9019fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-9019fc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a0d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a0f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a11.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a23.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a25.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a27.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a3a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a3c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a4e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a50.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a52.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e14-1dbc-901a64.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d972f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9731.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9733.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9745.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9747.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9749.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d975b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d975d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d975f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9770.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9772.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9774.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9786.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d9788.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d978a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d979c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d979e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d97a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3e50-3e28-1d97b1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca400d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca4129.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca414a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca415b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca418c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca41ae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca41b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca41e0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca41f2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca41f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca4235.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca4246.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca4258.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca4269.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca426b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca427d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca429e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca42fe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3eb4-c10-ca436d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6a1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6b7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6ca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6cc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6e0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6e4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6f6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac6fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac70b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac70d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac70f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac721.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3ed4-37a4-4ac723.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470818.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470839.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-247084b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-247084d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-247086e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470880.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470882.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470893.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470895.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708a7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708a9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708cc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708e0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708f3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-24708f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3edc-3024-2470907.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde3b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde3d2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde402.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde424.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde455.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde4c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde553.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde574.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde5e3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde5f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde616.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde666.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde678.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde6a9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde6da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde72a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde74b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde79b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f20-1474-3fde7bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f0b1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f0f2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f0f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f115.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f117.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f129.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f12b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f14c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f14e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f160.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f181.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f183.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f1b4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f1b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f1c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f1d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f1eb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f20c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3f7c-1bcc-50f20e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9520a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9520c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9520e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95210.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95221.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95223.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95225.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95237.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95239.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9523b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9524c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9524e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95250.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95262.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95264.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95266.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-95278.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9527a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3fac-3f80-9527c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b883.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b885.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b897.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b899.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b89b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8ac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8ae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8c0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8d2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8e3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8e5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8f7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b8fb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b90d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b90f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b911.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b922.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-406c-1f6c-8c6b934.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eeb5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eec6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eec8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eeca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eecc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eece.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eee0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eee2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eee4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eee6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eef7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eef9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eefb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5eefd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5ef0f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5ef11.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5ef13.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5ef25.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-550-15c4-c5ef27.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b88e4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b88e6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b88f7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b88f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b88fb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b890d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b890f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8911.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8923.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8925.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8936.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8938.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b894a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b894c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b895d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b896f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8971.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8973.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-874-4784-27b8985.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f428.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f449.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f45b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f45d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f45f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f470.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f472.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f474.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f486.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f488.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f49a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f49c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f49e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4b1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4db.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4dd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4f0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4f2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f4f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f506.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f508.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f519.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f51b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f52d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f53f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f550.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f562.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f564.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f566.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f578.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f589.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f58b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f59d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f59f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5b2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5eb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a0c-2aa8-76f5fd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98ca2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cb3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cb5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cb7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cc9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98ccb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98ccd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cde.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98ce0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98ce2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98ce4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cf6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cf8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98cfa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98d0c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98d0e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98d10.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98d12.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-b64-618-98d23.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6438.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6469.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c646b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c646d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c646f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6481.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6483.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6485.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6496.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c6498.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c649a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64ac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64ae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64c2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64d7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-dac-3eb0-6c64f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-942095.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420a7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420a9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420bf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420c1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420c3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420d6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420ea.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420ec.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420ee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-9420ff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-942111.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-942113.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-942125.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ef4-1cf0-942127.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c3f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c3fb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c40d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c40f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c411.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c413.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c415.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c427.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c429.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c42b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c42d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c42f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c431.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c442.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c444.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c446.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c448.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c44a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-1020-c44c.tmp deleted
"C:\DumpStack.log.tmp" not deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.5.0.7\DXGIODScreenshot.dll" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.5.0.7\Lightshot.dll" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.5.0.7\Lightshot.exe" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.5.0.7\uploader.dll" deleted
"C:\PROGRA~2\Skillbrains" deleted
"C:\PROGRA~2\Skillbrains\lightshot" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.5.0.7" deleted

==== Orphaned Tasks deleted from Registry ======================

BitTorrent Web_1 deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"bdtbe@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi" [17.09.2020 13:45]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bdtbe@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi" [17.09.2020 13:45]

==== Firefox XPI-files found: ======================

- short_ __MSG_short_name__ - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
- Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi

==== Chromium Look ======================

Google Chrome Version: 88.0.4324.146

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gannpgaobkkhmpomoijebaigcapoeebl - No path found[]
ihcjicgdanjaechkgeegckofjjedodee - No path found[]
khndhdhbebhaddchcgnalcjlaekbbeof - No path found[]

BTTV - LUKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
Chrome Remote Desktop - LUKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb
Chrome Remote Desktop - LUKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai
Horizon TV - LUKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\khacdlnhpilifpplbbafdickbmihjoml
Twitch Now - LUKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk
Chrome Media Router - LUKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Outlook - LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb
Word - LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi
Excel - LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm
PowerPoint - LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LUKY\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\LUKY\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\LUKY\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3134 folders=1214 945319779 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\LUKY\AppData\Local\Temp will be emptied at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LUKY\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\LUKY\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on 08.02.2021 at 18:48:19,42 ======================

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 19:07

Zemana:


Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  08.02.2021 18:51:45
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:12
Zkontrolované objekty    :  2229
Zjištěné objekty    :  2
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  12X AMD Ryzen 5 3600 6-Core Processor
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  14EA6311BFF3BFEBF3BA34


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\luky\appdata\local\google\chrome\user data\default\extensions\efmjfjelnicpmdcmfikempdhlmainjcb
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Chrome Remote Desktop
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\luky\appdata\local\google\chrome\user data\default\extensions\khacdlnhpilifpplbbafdickbmihjoml
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Horizon TV
Akce    :  Vymazat
-----------------------------------------------------------------------

Uživatelský avatar
bindex
Level 1
Level 1
Příspěvky: 85
Registrován: září 13
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod bindex » 08 úno 2021 19:08

A ještě nový log z Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:12, on 08.02.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
C:\Users\LUKY\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Stažené soubory\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LUKY\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify] C:\Users\LUKY\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "E:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EpicGamesLauncher] "E:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [GogGalaxy] E:\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [btweb] "C:\Users\LUKY\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
O4 - HKCU\..\Run: [Lync] "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [Discord] C:\Users\LUKY\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A9321CDF486E5BA36857AF267B400A21] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Bitdefender Anti-tracker - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AfVpnService - AnchorFree Inc. - C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ARMOURY CRATE Service (ArmouryCrateService) - ASUSTeK COMPUTER INC. - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe
O23 - Service: Služba Aktualizace ASUS (asus) (asus) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
O23 - Service: AsusCertService - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.77\AsusFanControlService.exe
O23 - Service: Služba Aktualizace ASUS (asusm) (asusm) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
O23 - Service: AsusUpdateCheck - Unknown owner - C:\Windows\System32\AsusUpdateCheck.exe (file missing)
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender Protected Service (BDProtSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: služba Bitdefender Vpn (BdVpnService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_82f88 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: GalaxyClientService - GOG.com - E:\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\LightingService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - D:\Programy\MB\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d67c20d727d4578c\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Bitdefender Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: ROG Live Service - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15123 bytes


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 2 hosti