Ahoj,
zjistil jsem, že některé soubory jsou přejmenované, lépe řečeno je tam přidané přípona *.*.aeDbedBaEe
Např. 2010-02-03_small.JPG.aeDbedBaEe
Kde může být problém?
Díky Buri
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pridana pripona aeDbedBaEe
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pridana pripona aeDbedBaEe
Zdravím!
Pravděpodobně jste si odněkud stáhl Ransomware, které soubory zašifrovalo. PC vám můžeme jen vyčistit od malware, ale nedešifrujeme vám zašifrované soubory. K tomu je třeba přímý přístup do PC, což nemáme právně ošetřeno. S tím se pak budete muset obrátit na naše kolegy: https://neslape.cz/?utm_campaign=neslap ... ium=banner . Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Pravděpodobně jste si odněkud stáhl Ransomware, které soubory zašifrovalo. PC vám můžeme jen vyčistit od malware, ale nedešifrujeme vám zašifrované soubory. K tomu je třeba přímý přístup do PC, což nemáme právně ošetřeno. S tím se pak budete muset obrátit na naše kolegy: https://neslape.cz/?utm_campaign=neslap ... ium=banner . Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pridana pripona aeDbedBaEe
Osobně si myslím, že už se mi před nějakým časem vir podařilo odstranit, přesto posílám logy v příloze (FRST.rar) a prosím o kontrolu.
Díky Buri
Díky Buri
- Přílohy
-
- FRST.rar
- (54.89 KiB) Staženo 64 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pridana pripona aeDbedBaEe
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pridana pripona aeDbedBaEe
Posílám log:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-18-2020
# Duration: 00:01:01
# OS: Windows 10 Home
# Cleaned: 136
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Marta\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\admin\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\admin\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\admin\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\END
Deleted C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\2gjxqwnv.default\invalidprefs.js
Deleted C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\usu81k2l.default-1473596935689\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
Deleted C:\Windows\System32\Tasks\START DRIVER REVIVER CHECK DRIVER UPDATE
Deleted C:\Windows\System32\Tasks\START DRIVER REVIVER SCHEDULE
Deleted C:\Windows\System32\Tasks\START DRIVER REVIVER UPDATE
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16DBB405-FD70-4D56-99B1-30FF4FEB79D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{193BAC3F-4A8F-4A55-80F1-7E3551D9BD54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C2BF01-706E-4815-9694-E521666681EB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32B01CBF-F65-45AC-A85C-D74EF7E78CE2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34847EAB-785F-42BB-855C-380B981BD56}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36D3F381-9DB4-4ED1-8D21-995EF07ED62}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F58F2C5-AA62-46AA-9DE3-E6B55B689B41}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41463A9-B726-4C04-A56E-FB745D29AE83}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{476D7357-5727-4811-85CB-E13FF6F0385E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4913F1DD-E569-46ED-912F-EE413F5041A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ABCA7AC-8081-48F0-BAF0-6B777FC85B0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{534D06DC-6B1-4762-94D5-A4AC4CEC1028}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53C83BC4-30F3-4B84-9E74-BE74C3CA19}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55AFB91F-AF45-4AAD-89F0-9529B96B86C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57D3E179-2585-494A-BF4B-BEF7A54EAA42}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D3F4C69-702F-4E41-8A32-10D64FE68616}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D7E4E7D-FF73-4ED1-97DB-A6FD9F8D5982}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65F1B2E-7ADA-44C1-AE9D-617B397A54F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{685A60EB-DBC5-4EFC-AEA0-6F268BA5917}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C9898D4-7123-45B8-8432-81BCC16816}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EDB4DBF-6976-4DA9-9033-A5D7294620ED}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71203C94-B6BF-40DA-9312-A9B1CAF6BEF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74E38BAC-69B9-4AFB-BA92-9323792611}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75D7A6C5-B27A-4BA6-A2BE-9305C7F6B71}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{768872CF-F1FD-40D4-ABAD-F2F583948F54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76D89B72-B31-45D2-8688-7E1D5CC445F5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{777E29B8-E35C-48CB-A692-69BF656C98F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7796D2D6-461C-43E3-ACB5-67A38CFF9D9D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78D2CE05-AC3B-4FA4-8E21-8019CD8417F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78ECBA9C-E764-41D3-A1CE-BFF97851B44}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{791C46A3-E5DC-4D54-9552-DD5DE6403D9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E8E0562-EECD-468C-B7D1-C0372EACEB6F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{816D6B5A-D0FC-451F-91B0-C7282DC35BAD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E170CD-92C1-41F7-B4F7-1BE82BFA579}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9752B7F6-C64E-4C11-BBF5-52AA949EBDD1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A63F55F-FAC0-4036-9258-9311DB7EC87}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BDBE0C6-D66D-4578-B0F8-95CA918AF448}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0215748-C568-4D44-89C4-61ABA8568110}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A04E8F33-BCE1-49C3-9524-92FADA21EA3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4015C0E-AED-4839-8782-211732B46FEE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7D58F1C-9537-4595-A16F-55774DC54332}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A84D2E5B-A7DD-4370-BF38-717A423A97C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2B897-B502-4F0B-85D4-AE5B1DB55D72}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B50F486-1537-4768-B9FC-53C3FAF0C6CE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9555346-4196-4BFA-B97-593C1AAF926E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBA4F74D-C4D4-4E27-8022-16FF3DFCEF8E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7CDEA-4FAB-4401-A6AA-463121AD9E72}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C082F9F2-37C8-40D6-BE3-1F2CE99F56A7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA1703D1-FE9-454C-AFB1-319A38644E7F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA49814C-52A-4E11-B5A7-F19252FAD6F0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC7237FD-B696-462A-8171-C92196A1448F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDA7EC03-94B5-4BE4-9661-3BA83923C5E9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF28395-ED10-44A6-A5F-E4DB4A77FDF3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF6F051-7E54-4059-96AB-6371888A634F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE17B359-FF75-4EED-AB86-A7D56DBD76FF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE6E384-3010-48E1-9649-9D19A4BD4D50}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF9D3F51-2103-4AA4-8452-DC269BB236A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFB1A1E6-FC5E-4796-96CE-26BCB0A5C4C0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0CF8A56-B7CC-460C-8C86-3E53244D9B77}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D963775E-5942-4BA0-8B49-34AEE437979F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB2349E-39F7-4A4E-B7D9-9334C4219A1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DECABB55-B0A9-4E59-9BE1-F75A5968384}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEEEC496-6A7F-43F6-B546-6296B2F64239}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E909CCF5-1297-415D-96F7-CAE114CCB24}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB7060F1-95C-4564-BBA9-ABEC704219E6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE1E6DF9-92C9-4328-8B16-27B6D3F5A341}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFA8E318-FDCF-4F9E-A69F-84FD42989D34}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F071CEC5-9A39-4EC2-86A-E0484B7FF54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7C422A2-377C-43BA-BA9C-7E37A8BB57AD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA13E3C8-1379-4416-9BFC-533D4876331B}
Deleted HKCU\Software\Classes\TornTvDownloader.File
Deleted HKCU\Software\IObit\Advanced SystemCare
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\UpdateStar
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{477833B6-5E7E-4157-B203-FC56AF48290F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84DBED7A-8E2F-4A44-8500-70F2314089F7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCF140BE-09B4-46EB-A3DC-CDAA6C4E4DA1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{477833B6-5E7E-4157-B203-FC56AF48290F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84DBED7A-8E2F-4A44-8500-70F2314089F7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F94C9FF0-F8AB-4A2B-B6F9-A7121BF63D64}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCF140BE-09B4-46EB-A3DC-CDAA6C4E4DA1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\START DRIVER REVIVER CHECK DRIVER UPDATE
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Schedule
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Update
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DriverUpdaterPro
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MacDrive 8 application
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe
Deleted HKLM\System\Setup\FirstBoot\Services\ST2012_Svc
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Sunplus SPUVCb
Deleted Preinstalled.LenovoEasyCamera Registry HKU\.DEFAULT\Software\Sunplus SPUVCb
Deleted Preinstalled.LenovoEasyCamera Registry HKU\S-1-5-18\Software\Sunplus SPUVCb
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Management
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|EnergyUtility
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D0956C11-0F60-43FE-99AD-524E833471BB}
Deleted Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Deleted Preinstalled.LenovoEnergyManager Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Marta\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\admin\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPower2Go Folder C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Folder C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Mirage
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Tray
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\admin\AppData\Roaming\SAMSUNG\SMART SWITCH PC
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [18466 octets] - [18/10/2020 18:46:35]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-18-2020
# Duration: 00:01:01
# OS: Windows 10 Home
# Cleaned: 136
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Marta\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\admin\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\admin\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\admin\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\END
Deleted C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\2gjxqwnv.default\invalidprefs.js
Deleted C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\usu81k2l.default-1473596935689\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
Deleted C:\Windows\System32\Tasks\START DRIVER REVIVER CHECK DRIVER UPDATE
Deleted C:\Windows\System32\Tasks\START DRIVER REVIVER SCHEDULE
Deleted C:\Windows\System32\Tasks\START DRIVER REVIVER UPDATE
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16DBB405-FD70-4D56-99B1-30FF4FEB79D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{193BAC3F-4A8F-4A55-80F1-7E3551D9BD54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C2BF01-706E-4815-9694-E521666681EB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32B01CBF-F65-45AC-A85C-D74EF7E78CE2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34847EAB-785F-42BB-855C-380B981BD56}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36D3F381-9DB4-4ED1-8D21-995EF07ED62}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F58F2C5-AA62-46AA-9DE3-E6B55B689B41}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41463A9-B726-4C04-A56E-FB745D29AE83}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{476D7357-5727-4811-85CB-E13FF6F0385E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4913F1DD-E569-46ED-912F-EE413F5041A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ABCA7AC-8081-48F0-BAF0-6B777FC85B0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{534D06DC-6B1-4762-94D5-A4AC4CEC1028}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53C83BC4-30F3-4B84-9E74-BE74C3CA19}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55AFB91F-AF45-4AAD-89F0-9529B96B86C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57D3E179-2585-494A-BF4B-BEF7A54EAA42}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D3F4C69-702F-4E41-8A32-10D64FE68616}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D7E4E7D-FF73-4ED1-97DB-A6FD9F8D5982}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65F1B2E-7ADA-44C1-AE9D-617B397A54F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{685A60EB-DBC5-4EFC-AEA0-6F268BA5917}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C9898D4-7123-45B8-8432-81BCC16816}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EDB4DBF-6976-4DA9-9033-A5D7294620ED}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71203C94-B6BF-40DA-9312-A9B1CAF6BEF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74E38BAC-69B9-4AFB-BA92-9323792611}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75D7A6C5-B27A-4BA6-A2BE-9305C7F6B71}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{768872CF-F1FD-40D4-ABAD-F2F583948F54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76D89B72-B31-45D2-8688-7E1D5CC445F5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{777E29B8-E35C-48CB-A692-69BF656C98F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7796D2D6-461C-43E3-ACB5-67A38CFF9D9D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78D2CE05-AC3B-4FA4-8E21-8019CD8417F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78ECBA9C-E764-41D3-A1CE-BFF97851B44}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{791C46A3-E5DC-4D54-9552-DD5DE6403D9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E8E0562-EECD-468C-B7D1-C0372EACEB6F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{816D6B5A-D0FC-451F-91B0-C7282DC35BAD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E170CD-92C1-41F7-B4F7-1BE82BFA579}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9752B7F6-C64E-4C11-BBF5-52AA949EBDD1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A63F55F-FAC0-4036-9258-9311DB7EC87}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BDBE0C6-D66D-4578-B0F8-95CA918AF448}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0215748-C568-4D44-89C4-61ABA8568110}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A04E8F33-BCE1-49C3-9524-92FADA21EA3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4015C0E-AED-4839-8782-211732B46FEE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7D58F1C-9537-4595-A16F-55774DC54332}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A84D2E5B-A7DD-4370-BF38-717A423A97C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2B897-B502-4F0B-85D4-AE5B1DB55D72}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B50F486-1537-4768-B9FC-53C3FAF0C6CE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9555346-4196-4BFA-B97-593C1AAF926E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBA4F74D-C4D4-4E27-8022-16FF3DFCEF8E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7CDEA-4FAB-4401-A6AA-463121AD9E72}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C082F9F2-37C8-40D6-BE3-1F2CE99F56A7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA1703D1-FE9-454C-AFB1-319A38644E7F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA49814C-52A-4E11-B5A7-F19252FAD6F0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC7237FD-B696-462A-8171-C92196A1448F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDA7EC03-94B5-4BE4-9661-3BA83923C5E9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF28395-ED10-44A6-A5F-E4DB4A77FDF3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF6F051-7E54-4059-96AB-6371888A634F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE17B359-FF75-4EED-AB86-A7D56DBD76FF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE6E384-3010-48E1-9649-9D19A4BD4D50}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF9D3F51-2103-4AA4-8452-DC269BB236A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFB1A1E6-FC5E-4796-96CE-26BCB0A5C4C0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0CF8A56-B7CC-460C-8C86-3E53244D9B77}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D963775E-5942-4BA0-8B49-34AEE437979F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB2349E-39F7-4A4E-B7D9-9334C4219A1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DECABB55-B0A9-4E59-9BE1-F75A5968384}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEEEC496-6A7F-43F6-B546-6296B2F64239}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E909CCF5-1297-415D-96F7-CAE114CCB24}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB7060F1-95C-4564-BBA9-ABEC704219E6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE1E6DF9-92C9-4328-8B16-27B6D3F5A341}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFA8E318-FDCF-4F9E-A69F-84FD42989D34}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F071CEC5-9A39-4EC2-86A-E0484B7FF54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7C422A2-377C-43BA-BA9C-7E37A8BB57AD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA13E3C8-1379-4416-9BFC-533D4876331B}
Deleted HKCU\Software\Classes\TornTvDownloader.File
Deleted HKCU\Software\IObit\Advanced SystemCare
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\UpdateStar
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{477833B6-5E7E-4157-B203-FC56AF48290F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84DBED7A-8E2F-4A44-8500-70F2314089F7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCF140BE-09B4-46EB-A3DC-CDAA6C4E4DA1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{477833B6-5E7E-4157-B203-FC56AF48290F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84DBED7A-8E2F-4A44-8500-70F2314089F7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F94C9FF0-F8AB-4A2B-B6F9-A7121BF63D64}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCF140BE-09B4-46EB-A3DC-CDAA6C4E4DA1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\START DRIVER REVIVER CHECK DRIVER UPDATE
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Schedule
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Update
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DriverUpdaterPro
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MacDrive 8 application
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe
Deleted HKLM\System\Setup\FirstBoot\Services\ST2012_Svc
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Sunplus SPUVCb
Deleted Preinstalled.LenovoEasyCamera Registry HKU\.DEFAULT\Software\Sunplus SPUVCb
Deleted Preinstalled.LenovoEasyCamera Registry HKU\S-1-5-18\Software\Sunplus SPUVCb
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Management
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|EnergyUtility
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D0956C11-0F60-43FE-99AD-524E833471BB}
Deleted Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Deleted Preinstalled.LenovoEnergyManager Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Marta\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\admin\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPower2Go Folder C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Folder C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Mirage
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Tray
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\admin\AppData\Roaming\SAMSUNG\SMART SWITCH PC
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [18466 octets] - [18/10/2020 18:46:35]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pridana pripona aeDbedBaEe
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pridana pripona aeDbedBaEe
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\admin\OneDrive - edrive\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] ->
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2B49CA2E-82B5-4EEE-A746-8CE7C780AE72} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {2BA82528-82CE-430D-A700-979E70012758} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8} - \Lenovo\ImController\TimeBasedEvents\372ea573-272b-4d15-b3b9-42ae8eeb061c -> No File <==== ATTENTION
Task: {39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {47423429-0B0C-4597-BBD8-A85920D07DA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51A0B67E-A550-44C0-8C8E-724C83A3C2F6} - \Lenovo\ImController\TimeBasedEvents\36e6ab48-d4d0-42c2-b681-9896af5f1e26 -> No File <==== ATTENTION
Task: {52AC4213-F335-4F31-A8AC-03A6244BF078} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F5869E0-1537-4CDD-9774-86855C88FAB8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {61147F08-63F1-4DCA-911A-230DDA31759B} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6A029161-E29C-452D-8DCE-730674911828} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33} - \Lenovo\ImController\TimeBasedEvents\fc20c70b-8b7f-4817-8ed4-fd9edaa79dbf -> No File <==== ATTENTION
Task: {902A660D-0328-4D1C-8DF0-34C9FA550F12} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {92816FB4-B7F5-43F0-9A85-27FF1C6D6484} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {95A54D3D-1FF4-43F2-9F7D-3C489FDE631D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9F4F1272-B0B7-47DA-A3CE-5DE8997F7101} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB} - \Lenovo\ImController\TimeBasedEvents\d538ed94-c936-4c22-bd10-dee0f803e870 -> No File <==== ATTENTION
Task: {AF9A580B-42E2-4ADA-82D5-A0A0302F5315} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {C20051F6-C97C-4F48-A0D8-D185050ABF5D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C32EBB4D-7DF3-4777-A050-3BDF140A4F51} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C7C0405E-3715-4DFC-B70A-5C96AD757FC5} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645} - System32\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D14AEFB3-F6AB-49B0-B610-32B6F50B96F1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {D85C4A94-6213-4DDD-A36D-99701FDC6ECB} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E9029D18-F542-4E8A-A784-6A4372A17C30} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {EE1FA67C-3775-4183-9026-4D802DD705B6} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {F424A029-2267-4A21-A197-D2F86435771A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U4 aspnet_state; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d0f390e10b0338
C:\ProgramData\KMSTools.exe
C:\Program Files (x86)\GUT76E9.tmp
C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-09-27] <==== ATTENTION (zero byte File/Folder)
C:\WINDOWS\system32\npjp2.dll [2014-05-28] <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:0E5CFA74 [116]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9 [134]
AlternateDataStreams: C:\ProgramData\Temp:87C79266 [134]
AlternateDataStreams: C:\ProgramData\Temp:C5760A8B [290]
AlternateDataStreams: C:\ProgramData\Temp:C8B702FF [149]
AlternateDataStreams: C:\ProgramData\Temp:F6E5C7FB [111]
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
Toolbar: HKU\S-1-5-21-2003990707-279457667-3181234942-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FirewallRules: [{82740B71-1847-41BA-A07C-D05DF1B88D44}] => (Allow) C:\ProgramData\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => No File
FirewallRules: [{5964BEF4-56D7-404F-B0F6-1BF698B045FE}] => (Allow) C:\ProgramData\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => No File
FirewallRules: [{E2EE9EA4-985F-4923-B89E-AD133EE4857C}] => (Allow) C:\Driver\DriverEasy\DriverEasy.exe => No File
FirewallRules: [{CB4E883A-CCA7-4A8D-BF38-9738AE601B39}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{1E18C231-3996-492B-A8AF-8F8B3B57C2BD}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe => No File
FirewallRules: [{B7A0B4CC-191A-40FA-A9B5-7BB5D57D26BC}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe => No File
FirewallRules: [{9022533E-666F-48BE-AFA3-72EDE068A4A8}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe => No File
FirewallRules: [{0F7BED60-962F-463A-BED6-569A025E55F6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe => No File
FirewallRules: [{3AE76F9F-7658-4389-9BAF-1A3911568FF4}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12.exe => No File
FirewallRules: [{01089DFF-820D-406C-B004-6DC539575FB7}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{6921FF52-3DD5-452F-B4FF-DE46563F3F2A}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{73620CE9-A109-4810-B34E-10441487FB0C}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{01F68136-4238-4B52-979A-5E09AE720EEE}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12ML.exe => No File
FirewallRules: [{216DE3B1-9D48-45FB-9A14-E14C4AD1357C}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe => No File
H:\Na vypaleni\Antiviry\TNod-1.6.4.1-beta-setup.exe
C:\Stazeno\Temp\TNod-1.7.0.0-beta-setup.exe
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pridana pripona aeDbedBaEe
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by admin (18-10-2020 21:35:43) Run:1
Running from C:\Users\admin\OneDrive - edrive\Desktop
Loaded Profiles: admin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] ->
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2B49CA2E-82B5-4EEE-A746-8CE7C780AE72} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {2BA82528-82CE-430D-A700-979E70012758} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8} - \Lenovo\ImController\TimeBasedEvents\372ea573-272b-4d15-b3b9-42ae8eeb061c -> No File <==== ATTENTION
Task: {39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {47423429-0B0C-4597-BBD8-A85920D07DA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51A0B67E-A550-44C0-8C8E-724C83A3C2F6} - \Lenovo\ImController\TimeBasedEvents\36e6ab48-d4d0-42c2-b681-9896af5f1e26 -> No File <==== ATTENTION
Task: {52AC4213-F335-4F31-A8AC-03A6244BF078} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F5869E0-1537-4CDD-9774-86855C88FAB8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {61147F08-63F1-4DCA-911A-230DDA31759B} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6A029161-E29C-452D-8DCE-730674911828} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33} - \Lenovo\ImController\TimeBasedEvents\fc20c70b-8b7f-4817-8ed4-fd9edaa79dbf -> No File <==== ATTENTION
Task: {902A660D-0328-4D1C-8DF0-34C9FA550F12} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {92816FB4-B7F5-43F0-9A85-27FF1C6D6484} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {95A54D3D-1FF4-43F2-9F7D-3C489FDE631D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9F4F1272-B0B7-47DA-A3CE-5DE8997F7101} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB} - \Lenovo\ImController\TimeBasedEvents\d538ed94-c936-4c22-bd10-dee0f803e870 -> No File <==== ATTENTION
Task: {AF9A580B-42E2-4ADA-82D5-A0A0302F5315} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {C20051F6-C97C-4F48-A0D8-D185050ABF5D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C32EBB4D-7DF3-4777-A050-3BDF140A4F51} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C7C0405E-3715-4DFC-B70A-5C96AD757FC5} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645} - System32\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D14AEFB3-F6AB-49B0-B610-32B6F50B96F1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {D85C4A94-6213-4DDD-A36D-99701FDC6ECB} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E9029D18-F542-4E8A-A784-6A4372A17C30} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {EE1FA67C-3775-4183-9026-4D802DD705B6} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {F424A029-2267-4A21-A197-D2F86435771A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U4 aspnet_state; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d0f390e10b0338
C:\ProgramData\KMSTools.exe
C:\Program Files (x86)\GUT76E9.tmp
C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-09-27] <==== ATTENTION (zero byte File/Folder)
C:\WINDOWS\system32\npjp2.dll [2014-05-28] <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:0E5CFA74 [116]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9 [134]
AlternateDataStreams: C:\ProgramData\Temp:87C79266 [134]
AlternateDataStreams: C:\ProgramData\Temp:C5760A8B [290]
AlternateDataStreams: C:\ProgramData\Temp:C8B702FF [149]
AlternateDataStreams: C:\ProgramData\Temp:F6E5C7FB [111]
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
Toolbar: HKU\S-1-5-21-2003990707-279457667-3181234942-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FirewallRules: [{82740B71-1847-41BA-A07C-D05DF1B88D44}] => (Allow) C:\ProgramData\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => No File
FirewallRules: [{5964BEF4-56D7-404F-B0F6-1BF698B045FE}] => (Allow) C:\ProgramData\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => No File
FirewallRules: [{E2EE9EA4-985F-4923-B89E-AD133EE4857C}] => (Allow) C:\Driver\DriverEasy\DriverEasy.exe => No File
FirewallRules: [{CB4E883A-CCA7-4A8D-BF38-9738AE601B39}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{1E18C231-3996-492B-A8AF-8F8B3B57C2BD}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe => No File
FirewallRules: [{B7A0B4CC-191A-40FA-A9B5-7BB5D57D26BC}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe => No File
FirewallRules: [{9022533E-666F-48BE-AFA3-72EDE068A4A8}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe => No File
FirewallRules: [{0F7BED60-962F-463A-BED6-569A025E55F6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe => No File
FirewallRules: [{3AE76F9F-7658-4389-9BAF-1A3911568FF4}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12.exe => No File
FirewallRules: [{01089DFF-820D-406C-B004-6DC539575FB7}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{6921FF52-3DD5-452F-B4FF-DE46563F3F2A}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{73620CE9-A109-4810-B34E-10441487FB0C}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{01F68136-4238-4B52-979A-5E09AE720EEE}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12ML.exe => No File
FirewallRules: [{216DE3B1-9D48-45FB-9A14-E14C4AD1357C}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe => No File
H:\Na vypaleni\Antiviry\TNod-1.6.4.1-beta-setup.exe
C:\Stazeno\Temp\TNod-1.7.0.0-beta-setup.exe
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{50968FF7-10C1-4fb3-98B0-CD654D6CB97E} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B49CA2E-82B5-4EEE-A746-8CE7C780AE72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B49CA2E-82B5-4EEE-A746-8CE7C780AE72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BA82528-82CE-430D-A700-979E70012758}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BA82528-82CE-430D-A700-979E70012758}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\372ea573-272b-4d15-b3b9-42ae8eeb061c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47423429-0B0C-4597-BBD8-A85920D07DA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47423429-0B0C-4597-BBD8-A85920D07DA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51A0B67E-A550-44C0-8C8E-724C83A3C2F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51A0B67E-A550-44C0-8C8E-724C83A3C2F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\36e6ab48-d4d0-42c2-b681-9896af5f1e26" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52AC4213-F335-4F31-A8AC-03A6244BF078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AC4213-F335-4F31-A8AC-03A6244BF078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F5869E0-1537-4CDD-9774-86855C88FAB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5869E0-1537-4CDD-9774-86855C88FAB8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1cf4f1341741280" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61147F08-63F1-4DCA-911A-230DDA31759B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61147F08-63F1-4DCA-911A-230DDA31759B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A029161-E29C-452D-8DCE-730674911828}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A029161-E29C-452D-8DCE-730674911828}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0f390e18b8d87" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\fc20c70b-8b7f-4817-8ed4-fd9edaa79dbf" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{902A660D-0328-4D1C-8DF0-34C9FA550F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{902A660D-0328-4D1C-8DF0-34C9FA550F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92816FB4-B7F5-43F0-9A85-27FF1C6D6484}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92816FB4-B7F5-43F0-9A85-27FF1C6D6484}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95A54D3D-1FF4-43F2-9F7D-3C489FDE631D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A54D3D-1FF4-43F2-9F7D-3C489FDE631D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F4F1272-B0B7-47DA-A3CE-5DE8997F7101}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F4F1272-B0B7-47DA-A3CE-5DE8997F7101}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\d538ed94-c936-4c22-bd10-dee0f803e870" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF9A580B-42E2-4ADA-82D5-A0A0302F5315}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF9A580B-42E2-4ADA-82D5-A0A0302F5315}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20051F6-C97C-4F48-A0D8-D185050ABF5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20051F6-C97C-4F48-A0D8-D185050ABF5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C32EBB4D-7DF3-4777-A050-3BDF140A4F51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C32EBB4D-7DF3-4777-A050-3BDF140A4F51}" => removed successfully
C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7C0405E-3715-4DFC-B70A-5C96AD757FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7C0405E-3715-4DFC-B70A-5C96AD757FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d04200dc818326" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D14AEFB3-F6AB-49B0-B610-32B6F50B96F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D14AEFB3-F6AB-49B0-B610-32B6F50B96F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D85C4A94-6213-4DDD-A36D-99701FDC6ECB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D85C4A94-6213-4DDD-A36D-99701FDC6ECB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0e331d4848623" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9029D18-F542-4E8A-A784-6A4372A17C30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9029D18-F542-4E8A-A784-6A4372A17C30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE1FA67C-3775-4183-9026-4D802DD705B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE1FA67C-3775-4183-9026-4D802DD705B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F424A029-2267-4A21-A197-D2F86435771A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F424A029-2267-4A21-A197-D2F86435771A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623.job => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87" => not found
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d0f390e10b0338 => moved successfully
C:\ProgramData\KMSTools.exe => moved successfully
C:\Program Files (x86)\GUT76E9.tmp => moved successfully
"C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-09-27] <==== ATTENTION (zero byte File\Folder)" => not found
"C:\WINDOWS\system32\npjp2.dll [2014-05-28] <==== ATTENTION (zero byte File\Folder)" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Temp => ":0E5CFA74" ADS removed successfully
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully
C:\ProgramData\Temp => ":689AB7E9" ADS removed successfully
C:\ProgramData\Temp => ":87C79266" ADS removed successfully
C:\ProgramData\Temp => ":C5760A8B" ADS removed successfully
C:\ProgramData\Temp => ":C8B702FF" ADS removed successfully
C:\ProgramData\Temp => ":F6E5C7FB" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
"HKU\S-1-5-21-2003990707-279457667-3181234942-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82740B71-1847-41BA-A07C-D05DF1B88D44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5964BEF4-56D7-404F-B0F6-1BF698B045FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2EE9EA4-985F-4923-B89E-AD133EE4857C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB4E883A-CCA7-4A8D-BF38-9738AE601B39}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E18C231-3996-492B-A8AF-8F8B3B57C2BD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7A0B4CC-191A-40FA-A9B5-7BB5D57D26BC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9022533E-666F-48BE-AFA3-72EDE068A4A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F7BED60-962F-463A-BED6-569A025E55F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AE76F9F-7658-4389-9BAF-1A3911568FF4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01089DFF-820D-406C-B004-6DC539575FB7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6921FF52-3DD5-452F-B4FF-DE46563F3F2A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73620CE9-A109-4810-B34E-10441487FB0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01F68136-4238-4B52-979A-5E09AE720EEE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{216DE3B1-9D48-45FB-9A14-E14C4AD1357C}" => removed successfully
"H:\Na vypaleni\Antiviry\TNod-1.6.4.1-beta-setup.exe" => not found
"C:\Stazeno\Temp\TNod-1.7.0.0-beta-setup.exe" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22157971 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 5453613 B
Edge => 0 B
Chrome => 451155893 B
Firefox => 17584165 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 45858 B
Users => 45858 B
ProgramData => 45858 B
Public => 45858 B
systemprofile => 45858 B
systemprofile32 => 45858 B
LocalService => 81434 B
NetworkService => 65266652 B
Marta => 65792602 B
admin => 117647989 B
RecycleBin => 573248341 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:38:18 ====
Ran by admin (18-10-2020 21:35:43) Run:1
Running from C:\Users\admin\OneDrive - edrive\Desktop
Loaded Profiles: admin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] ->
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2B49CA2E-82B5-4EEE-A746-8CE7C780AE72} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {2BA82528-82CE-430D-A700-979E70012758} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8} - \Lenovo\ImController\TimeBasedEvents\372ea573-272b-4d15-b3b9-42ae8eeb061c -> No File <==== ATTENTION
Task: {39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {47423429-0B0C-4597-BBD8-A85920D07DA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51A0B67E-A550-44C0-8C8E-724C83A3C2F6} - \Lenovo\ImController\TimeBasedEvents\36e6ab48-d4d0-42c2-b681-9896af5f1e26 -> No File <==== ATTENTION
Task: {52AC4213-F335-4F31-A8AC-03A6244BF078} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F5869E0-1537-4CDD-9774-86855C88FAB8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {61147F08-63F1-4DCA-911A-230DDA31759B} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6A029161-E29C-452D-8DCE-730674911828} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33} - \Lenovo\ImController\TimeBasedEvents\fc20c70b-8b7f-4817-8ed4-fd9edaa79dbf -> No File <==== ATTENTION
Task: {902A660D-0328-4D1C-8DF0-34C9FA550F12} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {92816FB4-B7F5-43F0-9A85-27FF1C6D6484} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {95A54D3D-1FF4-43F2-9F7D-3C489FDE631D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9F4F1272-B0B7-47DA-A3CE-5DE8997F7101} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB} - \Lenovo\ImController\TimeBasedEvents\d538ed94-c936-4c22-bd10-dee0f803e870 -> No File <==== ATTENTION
Task: {AF9A580B-42E2-4ADA-82D5-A0A0302F5315} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {C20051F6-C97C-4F48-A0D8-D185050ABF5D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C32EBB4D-7DF3-4777-A050-3BDF140A4F51} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C7C0405E-3715-4DFC-B70A-5C96AD757FC5} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645} - System32\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D14AEFB3-F6AB-49B0-B610-32B6F50B96F1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {D85C4A94-6213-4DDD-A36D-99701FDC6ECB} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E9029D18-F542-4E8A-A784-6A4372A17C30} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {EE1FA67C-3775-4183-9026-4D802DD705B6} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {F424A029-2267-4A21-A197-D2F86435771A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U4 aspnet_state; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d0f390e10b0338
C:\ProgramData\KMSTools.exe
C:\Program Files (x86)\GUT76E9.tmp
C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-09-27] <==== ATTENTION (zero byte File/Folder)
C:\WINDOWS\system32\npjp2.dll [2014-05-28] <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:0E5CFA74 [116]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9 [134]
AlternateDataStreams: C:\ProgramData\Temp:87C79266 [134]
AlternateDataStreams: C:\ProgramData\Temp:C5760A8B [290]
AlternateDataStreams: C:\ProgramData\Temp:C8B702FF [149]
AlternateDataStreams: C:\ProgramData\Temp:F6E5C7FB [111]
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
Toolbar: HKU\S-1-5-21-2003990707-279457667-3181234942-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FirewallRules: [{82740B71-1847-41BA-A07C-D05DF1B88D44}] => (Allow) C:\ProgramData\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => No File
FirewallRules: [{5964BEF4-56D7-404F-B0F6-1BF698B045FE}] => (Allow) C:\ProgramData\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => No File
FirewallRules: [{E2EE9EA4-985F-4923-B89E-AD133EE4857C}] => (Allow) C:\Driver\DriverEasy\DriverEasy.exe => No File
FirewallRules: [{CB4E883A-CCA7-4A8D-BF38-9738AE601B39}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{1E18C231-3996-492B-A8AF-8F8B3B57C2BD}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe => No File
FirewallRules: [{B7A0B4CC-191A-40FA-A9B5-7BB5D57D26BC}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe => No File
FirewallRules: [{9022533E-666F-48BE-AFA3-72EDE068A4A8}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe => No File
FirewallRules: [{0F7BED60-962F-463A-BED6-569A025E55F6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe => No File
FirewallRules: [{3AE76F9F-7658-4389-9BAF-1A3911568FF4}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12.exe => No File
FirewallRules: [{01089DFF-820D-406C-B004-6DC539575FB7}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{6921FF52-3DD5-452F-B4FF-DE46563F3F2A}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{73620CE9-A109-4810-B34E-10441487FB0C}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{01F68136-4238-4B52-979A-5E09AE720EEE}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\PowerDVD12ML.exe => No File
FirewallRules: [{216DE3B1-9D48-45FB-9A14-E14C4AD1357C}] => (Allow) C:\Prehravace\PowerDVD\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe => No File
H:\Na vypaleni\Antiviry\TNod-1.6.4.1-beta-setup.exe
C:\Stazeno\Temp\TNod-1.7.0.0-beta-setup.exe
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{50968FF7-10C1-4fb3-98B0-CD654D6CB97E} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B49CA2E-82B5-4EEE-A746-8CE7C780AE72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B49CA2E-82B5-4EEE-A746-8CE7C780AE72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BA82528-82CE-430D-A700-979E70012758}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BA82528-82CE-430D-A700-979E70012758}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C8DBB3B-41A6-4603-91E5-0FEEB137F0D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\372ea573-272b-4d15-b3b9-42ae8eeb061c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A84A61-9CCF-4EAB-A4BE-9DB2CFF82017}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B4AC8D-CD89-4C95-B578-3B6AFE9EE5A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47423429-0B0C-4597-BBD8-A85920D07DA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47423429-0B0C-4597-BBD8-A85920D07DA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51A0B67E-A550-44C0-8C8E-724C83A3C2F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51A0B67E-A550-44C0-8C8E-724C83A3C2F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\36e6ab48-d4d0-42c2-b681-9896af5f1e26" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52AC4213-F335-4F31-A8AC-03A6244BF078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AC4213-F335-4F31-A8AC-03A6244BF078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F5869E0-1537-4CDD-9774-86855C88FAB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5869E0-1537-4CDD-9774-86855C88FAB8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1cf4f1341741280" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61147F08-63F1-4DCA-911A-230DDA31759B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61147F08-63F1-4DCA-911A-230DDA31759B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A029161-E29C-452D-8DCE-730674911828}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A029161-E29C-452D-8DCE-730674911828}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0f390e18b8d87" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D1B4A79-3FB4-45E5-AFD5-C42A3923CF33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\fc20c70b-8b7f-4817-8ed4-fd9edaa79dbf" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{902A660D-0328-4D1C-8DF0-34C9FA550F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{902A660D-0328-4D1C-8DF0-34C9FA550F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92816FB4-B7F5-43F0-9A85-27FF1C6D6484}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92816FB4-B7F5-43F0-9A85-27FF1C6D6484}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95A54D3D-1FF4-43F2-9F7D-3C489FDE631D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A54D3D-1FF4-43F2-9F7D-3C489FDE631D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F4F1272-B0B7-47DA-A3CE-5DE8997F7101}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F4F1272-B0B7-47DA-A3CE-5DE8997F7101}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC0D9382-A21E-4F5C-B4BF-00EF37CF0AAB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\d538ed94-c936-4c22-bd10-dee0f803e870" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF9A580B-42E2-4ADA-82D5-A0A0302F5315}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF9A580B-42E2-4ADA-82D5-A0A0302F5315}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B45BCD4B-AF8C-4EA6-9F9D-2C22CD72F9E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20051F6-C97C-4F48-A0D8-D185050ABF5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20051F6-C97C-4F48-A0D8-D185050ABF5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C32EBB4D-7DF3-4777-A050-3BDF140A4F51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C32EBB4D-7DF3-4777-A050-3BDF140A4F51}" => removed successfully
C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7C0405E-3715-4DFC-B70A-5C96AD757FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7C0405E-3715-4DFC-B70A-5C96AD757FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8100CF0-9F59-4BE0-9D3A-0AB8A22C9645}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d04200dc818326" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D14AEFB3-F6AB-49B0-B610-32B6F50B96F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D14AEFB3-F6AB-49B0-B610-32B6F50B96F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6A3BFE0-5CAD-4089-97C0-615D1DFD62F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D85C4A94-6213-4DDD-A36D-99701FDC6ECB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D85C4A94-6213-4DDD-A36D-99701FDC6ECB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0e331d4848623" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9029D18-F542-4E8A-A784-6A4372A17C30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9029D18-F542-4E8A-A784-6A4372A17C30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE1FA67C-3775-4183-9026-4D802DD705B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE1FA67C-3775-4183-9026-4D802DD705B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F424A029-2267-4A21-A197-D2F86435771A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F424A029-2267-4A21-A197-D2F86435771A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4f1341741280.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04200dc818326.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f4f5dc08c6b.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e331d4848623.job => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d0f390e18b8d87" => not found
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d0f390e10b0338 => moved successfully
C:\ProgramData\KMSTools.exe => moved successfully
C:\Program Files (x86)\GUT76E9.tmp => moved successfully
"C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-09-27] <==== ATTENTION (zero byte File\Folder)" => not found
"C:\WINDOWS\system32\npjp2.dll [2014-05-28] <==== ATTENTION (zero byte File\Folder)" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Temp => ":0E5CFA74" ADS removed successfully
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully
C:\ProgramData\Temp => ":689AB7E9" ADS removed successfully
C:\ProgramData\Temp => ":87C79266" ADS removed successfully
C:\ProgramData\Temp => ":C5760A8B" ADS removed successfully
C:\ProgramData\Temp => ":C8B702FF" ADS removed successfully
C:\ProgramData\Temp => ":F6E5C7FB" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
"HKU\S-1-5-21-2003990707-279457667-3181234942-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82740B71-1847-41BA-A07C-D05DF1B88D44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5964BEF4-56D7-404F-B0F6-1BF698B045FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2EE9EA4-985F-4923-B89E-AD133EE4857C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB4E883A-CCA7-4A8D-BF38-9738AE601B39}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E18C231-3996-492B-A8AF-8F8B3B57C2BD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7A0B4CC-191A-40FA-A9B5-7BB5D57D26BC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9022533E-666F-48BE-AFA3-72EDE068A4A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F7BED60-962F-463A-BED6-569A025E55F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AE76F9F-7658-4389-9BAF-1A3911568FF4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01089DFF-820D-406C-B004-6DC539575FB7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6921FF52-3DD5-452F-B4FF-DE46563F3F2A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73620CE9-A109-4810-B34E-10441487FB0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01F68136-4238-4B52-979A-5E09AE720EEE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{216DE3B1-9D48-45FB-9A14-E14C4AD1357C}" => removed successfully
"H:\Na vypaleni\Antiviry\TNod-1.6.4.1-beta-setup.exe" => not found
"C:\Stazeno\Temp\TNod-1.7.0.0-beta-setup.exe" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22157971 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 5453613 B
Edge => 0 B
Chrome => 451155893 B
Firefox => 17584165 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 45858 B
Users => 45858 B
ProgramData => 45858 B
Public => 45858 B
systemprofile => 45858 B
systemprofile32 => 45858 B
LocalService => 81434 B
NetworkService => 65266652 B
Marta => 65792602 B
admin => 117647989 B
RecycleBin => 573248341 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:38:18 ====
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pridana pripona aeDbedBaEe
Smazáno, log je již OK. Zbývá dešifrovat soubory (obraťte se na odkaz uvedený v mém 1. příspěvku), nebo je obnovte ze zálohy (pokud ji máte).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pridana pripona aeDbedBaEe
Děkuji
Buri
Buri
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pridana pripona aeDbedBaEe
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?