Two unwanted pages open on their own after startup

#1 Post by Pepanecek5 »

Hello,
out of nowhere, every time I turn on the PC, Google Chrome now starts automatically with two unwanted tabs, often with inappropriate lewd pages, and it is quite unpleasant. To make matters worse, it has gradually started happening on more computers in the household. Please help! I no longer know what to do. MalwareBytes, CCleaner, Zemana anti malware and even JRT did not solve my situation.
#2 Post by Rudy »

Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

#3 Post by Pepanecek5 »

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Analog Devices, Inc.) [File not signed] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <21>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [134936 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SoundMAX] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.) [File not signed]
HKLM\...\Run: [UpdateUSB] => C:\Windows\inf\UpdateUSB.exe [32768 2006-06-24] (AsusTek Inc.) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
HKU\S-1-5-21-2743989496-1322578098-149565667-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408888 2021-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2743989496-1322578098-149565667-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG -> Nero AG)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-22] () [File not signed] <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08419D3E-A668-436E-A8A1-E7A41092E798} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134488 2021-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {09673A60-7654-4F38-B579-BE79CB91FF7F} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {4497EAE1-E7F8-48B7-BE1F-0BFAC49D1DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2021-01-30] (Google Inc -> Google Inc.)
Task: {58D75978-DBBF-4CAE-9474-6E6AC4806100} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6BD3386A-2761-443A-9F71-E029AD56BAE2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134488 2021-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {8010EBD3-D448-469C-A220-F47098075977} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {86EC6DF1-2E39-4503-A4E4-725B0173AB60} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {96D624C3-1490-433E-B42E-6F232A1A39CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729184 2021-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6711A0D-AD18-49C5-875E-857ED82B59B1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4929304 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
Task: {A81618AD-DD98-489C-945C-FC35305EED37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729184 2021-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9D4247E-59D6-456C-BDAB-A429BE107AC4} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {D64BBA4C-7F1A-4CBA-820B-9E9E2B879E3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2021-01-30] (Google Inc -> Google Inc.)
Task: {F04C8085-9123-44A9-AA26-22C3157B0265} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2cbaf830-2846-4ef9-9991-d7be7e15f7b5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d633229-dcfd-4811-8e26-7c6992402ec3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d1a9b004-0240-4f5e-9af7-9665b93836e2}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Profile: C:\Users\Pepa\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-30]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default [2021-10-15]
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Extension: (Prezentace) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-30]
CHR Extension: (Dokumenty) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-30]
CHR Extension: (Disk Google) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-30]
CHR Extension: (YouTube) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-30]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-12]
CHR Extension: (Galaxy-View) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2021-01-30]
CHR Extension: (Tabulky) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-30]
CHR Extension: (Auto Quality for YouTube™) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaddfgegjgjelgkanamleadckkpnjpjc [2021-09-16]
CHR Extension: (Momentum) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2021-10-14]
CHR Extension: (YouTube NonStop) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2021-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-30]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8323664 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [630040 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [377624 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5026616 2021-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-08-23] (HP Inc. -> HP Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\drivers\61883.sys [70144 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 ADIHdAudAddService; C:\Windows\system32\drivers\ADIHdAud.sys [475136 2009-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2021-10-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ANVSOFT_WaveExtensible; C:\Windows\system32\drivers\ammvrtaudio.sys [38048 2019-12-24] (深圳市安韦尔软件技术有限公司 -> )
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [221600 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369176 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250408 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99368 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41368 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184640 2021-09-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [538480 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107864 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82912 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851712 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [557152 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215392 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [328568 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2020-11-16] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [3848192 2012-09-04] (C-Media Inc) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2020-11-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2020-11-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 MTsensor; C:\Windows\System32\drivers\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-31] (Microsoft Windows -> Microsoft Corporation)
R3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2019-12-07] (Microsoft Windows -> Marvell)
S3 yukonw7; \SystemRoot\System32\drivers\yk62x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-15 16:43 - 2021-10-15 16:44 - 000020851 _____ C:\Users\Pepa\Desktop\FRST.txt
2021-10-15 16:43 - 2021-10-15 16:43 - 000000000 ____D C:\FRST
2021-10-15 16:42 - 2021-10-15 16:42 - 002310656 _____ (Farbar) C:\Users\Pepa\Desktop\FRST64.exe
2021-10-15 14:35 - 2021-10-15 16:44 - 000110521 _____ C:\Windows\ZAM.krnl.trace
2021-10-15 14:35 - 2021-10-15 14:35 - 000002632 _____ C:\Windows\system32\Tasks\AMSkipUAC
2021-10-15 14:34 - 2021-10-15 14:35 - 000000000 ____D C:\Users\Pepa\AppData\Local\AMSDK
2021-10-15 14:34 - 2021-10-15 14:34 - 013922376 _____ (Zemana Ltd. ) C:\Users\Pepa\Desktop\AntiMalware_Setup.exe
2021-10-15 14:34 - 2021-10-15 14:34 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2021-10-15 14:34 - 2021-10-15 14:34 - 000003534 _____ C:\Windows\system32\Tasks\AMHelper
2021-10-15 14:34 - 2021-10-15 14:34 - 000001336 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2021-10-15 14:34 - 2021-10-15 14:34 - 000000000 ____D C:\Users\Pepa\AppData\Local\Zemana
2021-10-15 14:34 - 2021-10-15 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-10-15 14:34 - 2021-10-15 14:34 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-10-15 14:33 - 2021-10-15 14:33 - 000000876 _____ C:\Users\Pepa\Desktop\JRT.txt
2021-10-15 14:29 - 2021-10-15 14:29 - 001790024 _____ (Malwarebytes) C:\Users\Pepa\Desktop\JRT.exe
2021-10-13 23:32 - 2021-10-13 23:32 - 000000000 ___HD C:\$WinREAgent
2021-10-07 21:33 - 2021-10-07 22:24 - 000000000 ____D C:\Users\Pepa\Desktop\Nová složka
2021-09-26 23:11 - 2021-09-26 23:11 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-09-26 23:11 - 2021-09-26 23:11 - 000215392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-09-24 15:25 - 2021-09-24 15:35 - 000000000 ____D C:\Users\Pepa\Desktop\Bravo Hits - Collection (1992-2015) MP3 ikar911
2021-09-24 15:24 - 2021-09-24 15:24 - 000938507 _____ C:\Users\Pepa\Downloads\[SkT]VA_-_Bravo_Hits_-_Collection_(1991-2015)_MP3.torrent
2021-09-24 15:15 - 2021-09-29 14:38 - 000000000 ____D C:\Users\Pepa\Desktop\VA_-_BRAVO_Hits_Vol._114-WEB-2021-ZzZz
2021-09-24 15:15 - 2021-09-24 15:15 - 000018305 _____ C:\Users\Pepa\Downloads\[SkT]VA-BRAVO_Hits_Vol.114-WEB-(2021)_320_kbit_s.torrent
2021-09-24 15:15 - 2021-09-24 15:15 - 000000000 ____D C:\Users\Pepa\Desktop\VA_-_BRAVO_Hits_Vol.113-2CD-2021
2021-09-24 15:14 - 2021-09-24 15:15 - 000000000 ____D C:\Users\Pepa\Desktop\VA_-_BRAVO_Hits_Vol.112-2CD-(2021)
2021-09-24 15:14 - 2021-09-24 15:14 - 000018353 _____ C:\Users\Pepa\Downloads\[SkT]VA_-_Bravo_Hits_Vol.113.torrent
2021-09-24 15:14 - 2021-09-24 15:14 - 000016580 _____ C:\Users\Pepa\Downloads\[SkT]VA_-_Bravo_Hits_Vol.112_(2021).torrent
2021-09-22 22:48 - 2021-09-22 23:00 - 000000000 ____D C:\Users\Pepa\Desktop\Do auta
2021-09-19 22:58 - 2021-09-19 22:58 - 001998908 _____ C:\Windows\Minidump\091921-19406-01.dmp
2021-09-19 13:29 - 2021-09-19 13:29 - 000000056 _____ C:\Users\Pepa\Desktop\Nový textový dokument.txt
2021-09-16 22:45 - 2021-09-16 22:45 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-16 22:45 - 2021-09-16 22:45 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-16 22:45 - 2021-09-16 22:45 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-16 22:45 - 2021-09-16 22:45 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-09-16 22:45 - 2021-09-16 22:45 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-09-16 22:45 - 2021-09-16 22:45 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-16 22:45 - 2021-09-16 22:45 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-16 22:45 - 2021-09-16 22:45 - 000011355 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-09-16 22:44 - 2021-09-16 22:44 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-16 22:44 - 2021-09-16 22:44 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-16 22:44 - 2021-09-16 22:44 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-09-16 22:44 - 2021-09-16 22:44 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-09-16 22:44 - 2021-09-16 22:44 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 22:44 - 2021-09-16 22:44 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-16 22:44 - 2021-09-16 22:44 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-09-16 22:44 - 2021-09-16 22:44 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-16 22:44 - 2021-09-16 22:44 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-16 22:44 - 2021-09-16 22:44 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-16 22:43 - 2021-09-16 22:43 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-09-16 22:43 - 2021-09-16 22:43 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-16 22:43 - 2021-09-16 22:43 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-15 16:41 - 2021-01-30 17:42 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-15 15:12 - 2021-01-30 16:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-15 14:50 - 2021-01-31 11:29 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-15 14:48 - 2021-01-30 16:34 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-15 14:48 - 2021-01-30 16:15 - 000717008 _____ C:\Windows\system32\perfh005.dat
2021-10-15 14:48 - 2021-01-30 16:15 - 000145186 _____ C:\Windows\system32\perfc005.dat
2021-10-15 14:48 - 2021-01-30 16:11 - 000000000 ____D C:\Windows\INF
2021-10-15 14:42 - 2021-01-31 12:29 - 000000000 ____D C:\ProgramData\Avast Software
2021-10-15 14:41 - 2021-05-16 11:40 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-15 14:41 - 2021-03-04 20:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-10-15 14:41 - 2021-01-30 16:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-15 14:41 - 2021-01-30 16:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-15 14:41 - 2021-01-30 16:08 - 000524288 _____ C:\Windows\system32\config\BBI
2021-10-15 14:25 - 2021-01-30 16:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-15 12:48 - 2021-02-16 13:39 - 000000000 ____D C:\Windows\AppReadiness
2021-10-15 12:48 - 2021-01-30 16:27 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-15 12:48 - 2021-01-30 16:13 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-15 12:09 - 2021-01-30 17:43 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-15 12:09 - 2021-01-30 17:43 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-15 12:08 - 2021-01-31 12:31 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-10-15 12:08 - 2021-01-31 11:29 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-10-15 12:08 - 2021-01-30 17:43 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-15 12:08 - 2021-01-30 17:43 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-15 12:08 - 2021-01-30 17:33 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\vlc
2021-10-15 12:08 - 2021-01-30 16:33 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2743989496-1322578098-149565667-1001
2021-10-15 12:08 - 2021-01-30 16:27 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-15 12:08 - 2021-01-30 16:27 - 000003288 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-15 11:11 - 2021-02-11 15:49 - 000000412 __RSH C:\ProgramData\ntuser.pol
2021-10-15 11:07 - 2021-02-14 15:37 - 000000000 ___RD C:\Users\Pepa\Desktop\Všechno možné
2021-10-15 10:54 - 2021-01-30 16:08 - 000000000 ____D C:\Windows\CbsTemp
2021-10-12 23:14 - 2021-01-31 12:30 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-10-11 20:05 - 2021-01-30 16:30 - 000002381 _____ C:\Users\Pepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-08 22:27 - 2021-01-31 12:32 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-07 22:26 - 2021-01-30 17:32 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\AIMP3
2021-10-04 11:03 - 2021-02-23 23:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-30 13:06 - 2021-01-30 17:32 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\dvdcss
2021-09-27 21:10 - 2021-01-31 12:30 - 000184640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000851712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000557152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000538480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000369176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000328568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000250408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000221600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000107864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000099368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000082912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000041368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-09-26 23:11 - 2021-01-31 12:30 - 000021936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2021-09-26 23:11 - 2021-01-30 16:13 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-24 16:55 - 2021-01-30 16:30 - 000000000 ____D C:\Users\Pepa
2021-09-24 16:54 - 2021-03-30 11:37 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\BitTorrent
2021-09-20 12:18 - 2021-01-30 17:33 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\.minecraft
2021-09-20 12:17 - 2021-02-16 13:28 - 000000000 ____D C:\Users\Pepa\AppData\Local\ElevatedDiagnostics
2021-09-19 22:59 - 2021-04-07 17:57 - 000000000 ____D C:\Windows\Minidump
2021-09-19 22:59 - 2021-01-30 16:25 - 000518952 _____ C:\Windows\system32\FNTCACHE.DAT
2021-09-19 22:58 - 2021-04-07 17:57 - 1596939941 _____ C:\Windows\MEMORY.DMP
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\SystemResources
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\oobe
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\Dism
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\ShellComponents
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\Provisioning
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\bcastdvr
2021-09-19 22:58 - 2021-01-30 16:13 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-19 22:58 - 2021-01-30 16:08 - 000000000 ____D C:\Windows\servicing
2021-09-19 22:55 - 2021-01-30 16:13 - 000000000 ____D C:\Windows\LiveKernelReports
2021-09-19 17:16 - 2021-01-30 17:51 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2021-09-19 16:02 - 2021-01-31 11:30 - 000000436 _____ C:\Users\Pepa\Desktop\Tento počítač.lnk
2021-09-19 13:11 - 2021-05-14 21:13 - 000000000 ____D C:\Users\Pepa\Desktop\Kamera auto
2021-09-16 22:23 - 2021-02-01 13:52 - 000000000 ____D C:\Windows\system32\MRT
2021-09-16 22:21 - 2021-02-01 13:52 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-15 00:09 - 2021-03-14 15:58 - 000000000 ____D C:\Program Files (x86)\Steam

==================== Files in the root of some directories ========

2021-02-14 19:38 - 2021-05-27 22:10 - 000001198 _____ () C:\Users\Pepa\AppData\Roaming\PEPA.MTBF.txt
2021-02-14 19:40 - 2021-05-26 21:12 - 000004608 _____ () C:\Users\Pepa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Two unwanted pages open by themselves after startup

#4 Post by Pepanecek5 »

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2302 04/15/2010
Motherboard: ASUSTeK Computer INC. Maximus II Formula
Processor: Intel(R) Core(TM)2 Extreme CPU X9650 @ 3.00GHz
Percentage of memory in use: 26%
Total physical RAM: 16383.1 MB
Available physical RAM: 12050.8 MB
Total Virtual: 17407.1 MB
Available Virtual: 11906.51 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:238.37 GB) (Free:134.27 GB) NTFS
Drive d: (VIDEA) (Fixed) (Total:931.51 GB) (Free:687.81 GB) NTFS
Drive e: (VIDEA 2) (Fixed) (Total:1863.01 GB) (Free:292.51 GB) NTFS
Drive f: (DATA) (Fixed) (Total:2794.39 GB) (Free:2153.55 GB) NTFS
Drive g: (FILMY A) (Fixed) (Total:3725.9 GB) (Free:640.15 GB) NTFS

\\?\Volume{0a5f64c7-0000-0000-0000-100000000000}\ (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7961403B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: ED4CDDDC)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 0A5F64C7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Two unwanted pages open by themselves after startup

#5 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-22] () [File not signed] <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4497EAE1-E7F8-48B7-BE1F-0BFAC49D1DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2021-01-30] (Google Inc -> Google Inc.)
Task: {D64BBA4C-7F1A-4CBA-820B-9E9E2B879E3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2021-01-30] (Google Inc -> Google Inc.)
C:\Users\Public\Desktop\Zemana AntiMalware.lnk
C:\Users\Pepa\AppData\Local\Zemana
C:\Program Files (x86)\Zemana
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Pepa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Save it as fixlist.txt in the same directory where FRST is saved. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Next time, please post complete logs, i.e. including their headers!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Two unwanted pages open by themselves after startup

#6 Post by Pepanecek5 »

I copied the logs in their entirety; whatever came out of it I pasted here. So I ran the fix and the problem disappeared! What about the other PCs that suffer from the same problem?


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-10-2021 11:35:55)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 11:35:55 ====

Re: Two unwanted pages open by themselves after startup

#7 Post by Rudy »

This is not a complete Addition log: https://forum.viry.cz/viewtopic.php?p=1543827#p1543827 . A complete one looks like this: https://forum.viry.cz/viewtopic.php?p=1543707#p1543707 . Moreover, neither log has a header, so I don't know where FRST was run from, and then I cannot give the exact directory in which to save the fixlist. You will have to post the same logs from the other PCs.