Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Asi vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Asi vir
[Dobrý den, dneska začal problém co cca 5 seund vyskočí okno z ovcí co mečí. Log je v příloze, byl moc velký. Děkuji
- Přílohy
-
- logy.rar
- (54.18 KiB) Staženo 49 x
Naposledy upravil(a) pepinojablo dne 08 lis 2020 18:27, celkem upraveno 2 x.
Re: Asi vir
Ahoj
V prilohe je iba log Addition.txt, potrebujem aj hlavny log s nazvom FRST.txt
V prilohe je iba log Addition.txt, potrebujem aj hlavny log s nazvom FRST.txt
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
Takže můžete zamknout, viděl sem ve správci úloh, že se to spoušťí pod javou, tak jsem ji odinstaloval a je klid
Re: Asi vir
Odporucam pokracovat v precisteni, pretoze z doplneneho logu je vidno, ze v PC naozaj je neziaduci SW, a to sa nevyriesi len odinstalovanim Javy.
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Spustit skenovani a pockaj na dokoncenie
- V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
- V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
- Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
Děkukuji za reakci, samozřejmě sem udělal sken pc adw i on line esetem než sem tady napsal, klidně přidám log, je čistý, jen dodám s takovou kravinou sem se ještě nikdy nesetkal.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-09-2020
# Duration: 00:00:27
# OS: Windows 10 Pro
# Scanned: 31837
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1447 octets] - [09/10/2020 19:37:00]
AdwCleaner[C00].txt - [1617 octets] - [09/10/2020 19:37:27]
AdwCleaner[S01].txt - [6064 octets] - [22/10/2020 15:40:44]
AdwCleaner[C01].txt - [5454 octets] - [22/10/2020 15:42:43]
AdwCleaner[S02].txt - [1824 octets] - [28/10/2020 11:44:01]
AdwCleaner[C02].txt - [1956 octets] - [28/10/2020 11:44:37]
AdwCleaner[S03].txt - [4606 octets] - [03/11/2020 15:11:19]
AdwCleaner[C03].txt - [4212 octets] - [03/11/2020 15:14:01]
AdwCleaner[S04].txt - [1893 octets] - [08/11/2020 15:38:25]
AdwCleaner[S05].txt - [1954 octets] - [08/11/2020 18:09:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-09-2020
# Duration: 00:00:27
# OS: Windows 10 Pro
# Scanned: 31837
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1447 octets] - [09/10/2020 19:37:00]
AdwCleaner[C00].txt - [1617 octets] - [09/10/2020 19:37:27]
AdwCleaner[S01].txt - [6064 octets] - [22/10/2020 15:40:44]
AdwCleaner[C01].txt - [5454 octets] - [22/10/2020 15:42:43]
AdwCleaner[S02].txt - [1824 octets] - [28/10/2020 11:44:01]
AdwCleaner[C02].txt - [1956 octets] - [28/10/2020 11:44:37]
AdwCleaner[S03].txt - [4606 octets] - [03/11/2020 15:11:19]
AdwCleaner[C03].txt - [4212 octets] - [03/11/2020 15:14:01]
AdwCleaner[S04].txt - [1893 octets] - [08/11/2020 15:38:25]
AdwCleaner[S05].txt - [1954 octets] - [08/11/2020 18:09:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########
Re: Asi vir
Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
Toto su zrejme znovu tie predchadzajuce FRST logy, kedze datum a cas ich vytvorenia je 08-11-2020 17:28:24. Na vytvorenie novych FRST logov je potrebne znovu spustit FRST a kliknut na Scan.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
V pohode
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum Folder: C:\ProgramData\Avast\VARS File: C:\ProgramData\Avast\VARS\ServiceManager.exe File: C:\ProgramData\Avast\VARS\WindowsRuntime.exe File: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe File: C:\Users\pepin\Downloads\driver_booster_setup_ri.exe File: C:\Users\pepin\Downloads\winDRV103.exe File: C:\games\counter-strike global offensive\csgo.exe File: C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe HKLM-x32\...\Run: [] => [X] Startup: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe [2020-11-08] () [File not signed] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION 2020-11-11 17:22 - 2020-11-11 17:22 - 000000000 ____D C:\Users\pepin\Downloads\FRST-OlderVersion 2020-10-31 16:34 - 2020-10-31 16:34 - 000000000 ____D C:\Users\pepin\AppData\LocalLow\IObit 2020-10-31 16:33 - 2020-11-03 19:41 - 000000000 ____D C:\Users\pepin\AppData\Roaming\IObit 2020-10-31 16:33 - 2020-10-31 16:34 - 000000000 ____D C:\ProgramData\IObit 2020-10-31 16:32 - 2020-10-31 16:33 - 024243544 _____ (IObit ) C:\Users\pepin\Downloads\driver_booster_setup_ri.exe 2020-10-22 19:51 - 2020-10-22 19:52 - 019578824 _____ (IObit ) C:\Users\pepin\Downloads\winDRV103.exe CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File FirewallRules: [UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File FirewallRules: [TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File FirewallRules: [UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File FirewallRules: [TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File FirewallRules: [UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File FirewallRules: [TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File FirewallRules: [UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File FirewallRules: [TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File FirewallRules: [UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File FirewallRules: [TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File FirewallRules: [TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File FirewallRules: [UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File C:\ProgramData\Avast\VARS Hosts: EmptyTemp: End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-11-2020
Ran by pepin (12-11-2020 02:17:05) Run:2
Running from C:\Users\pepin\OneDrive\Plocha
Loaded Profiles: pepin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\ProgramData\Avast\VARS
File: C:\ProgramData\Avast\VARS\ServiceManager.exe
File: C:\ProgramData\Avast\VARS\WindowsRuntime.exe
File: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe
File: C:\Users\pepin\Downloads\driver_booster_setup_ri.exe
File: C:\Users\pepin\Downloads\winDRV103.exe
File: C:\games\counter-strike global offensive\csgo.exe
File: C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe [2020-11-08] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2020-11-11 17:22 - 2020-11-11 17:22 - 000000000 ____D C:\Users\pepin\Downloads\FRST-OlderVersion
2020-10-31 16:34 - 2020-10-31 16:34 - 000000000 ____D C:\Users\pepin\AppData\LocalLow\IObit
2020-10-31 16:33 - 2020-11-03 19:41 - 000000000 ____D C:\Users\pepin\AppData\Roaming\IObit
2020-10-31 16:33 - 2020-10-31 16:34 - 000000000 ____D C:\ProgramData\IObit
2020-10-31 16:32 - 2020-10-31 16:33 - 024243544 _____ (IObit ) C:\Users\pepin\Downloads\driver_booster_setup_ri.exe
2020-10-22 19:51 - 2020-10-22 19:52 - 019578824 _____ (IObit ) C:\Users\pepin\Downloads\winDRV103.exe
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
C:\ProgramData\Avast\VARS
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Data aplikací byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\...l\Data aplikací:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\History byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\AppData\Local\History:String) [Get-ChildItem], Unautho
rizedAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\...che\Content.IE5:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Microsoft\Windows\Temporary Internet Files byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\... Internet Files:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Temporary Internet Files byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\... Internet Files:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\...t Menu\Programy:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Data aplikací byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Data aplikací:String) [Get-ChildItem], UnauthorizedAcc
essException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Documents\Filmy byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Documents\Filmy:String) [Get-ChildItem], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Documents\Hudba byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Documents\Hudba:String) [Get-ChildItem], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Documents\Obrázky byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Documents\Obrázky:String) [Get-ChildItem], Unauthorize
dAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Dokumenty byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Dokumenty:String) [Get-ChildItem], UnauthorizedAccessE
xception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Local Settings byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Local Settings:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Nabídka Start byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Nabídka Start:String) [Get-ChildItem], UnauthorizedAcc
essException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Okolní síť byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Okolní síť:String) [Get-ChildItem], UnauthorizedAccess
Exception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Okolní tiskárny byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Okolní tiskárny:String) [Get-ChildItem], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Poslední byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Poslední:String) [Get-ChildItem], UnauthorizedAccessEx
ception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\SendTo byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\SendTo:String) [Get-ChildItem], UnauthorizedAccessExce
ption
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Soubory cookie byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Soubory cookie:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Šablony byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Šablony:String) [Get-ChildItem], UnauthorizedAccessExc
eption
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Measure-Object : The property "Length" cannot be found in the input for any objects.
At C:\FRST\tmp.ps1:1 char:66
+ ... OFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Measure-Object], PSArgumentException
+ FullyQualifiedErrorId : GenericMeasurePropertyNotFound,Microsoft.PowerShell.Commands.MeasureObjectCommand
========= End of Powershell: =========
========================= Folder: C:\ProgramData\Avast\VARS ========================
not found.
====== End of Folder: ======
========================= File: C:\ProgramData\Avast\VARS\ServiceManager.exe ========================
"C:\ProgramData\Avast\VARS\ServiceManager.exe" => not found
====== End of File: ======
========================= File: C:\ProgramData\Avast\VARS\WindowsRuntime.exe ========================
"C:\ProgramData\Avast\VARS\WindowsRuntime.exe" => not found
====== End of File: ======
========================= File: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe ========================
"C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe" => not found
====== End of File: ======
========================= File: C:\Users\pepin\Downloads\driver_booster_setup_ri.exe ========================
"C:\Users\pepin\Downloads\driver_booster_setup_ri.exe" => not found
====== End of File: ======
========================= File: C:\Users\pepin\Downloads\winDRV103.exe ========================
"C:\Users\pepin\Downloads\winDRV103.exe" => not found
====== End of File: ======
========================= File: C:\games\counter-strike global offensive\csgo.exe ========================
C:\games\counter-strike global offensive\csgo.exe
File not signed
MD5: 5704508E71BDFE06911CF17FFD2CD3E5
Creation and modification date: 2020-11-06 16:02 - 2015-02-24 11:13
Size: 000103424
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/dda ... 1544088100
====== End of File: ======
========================= File: C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe ========================
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
File not signed
MD5: E5C796B621F6FBA8616511063D7F0FFE
Creation and modification date: 2009-12-23 22:34 - 2009-12-23 22:34
Size: 000370688
Attributes: ----A
Company Name: StarWind Software
Internal Name: StarWind
Original Name: StarWind
Product: StarWind Alcohol Edition
Description: StarWind iSCSI Target (Alcohol Edition)
File Version: 12.1 Build 20091211
Product Version: 12.1 Build 20091211
Copyright: Copyright (c) StarWind Software 2003-2009. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/447 ... 1602712134
====== End of File: ======
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => not found
"C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
"C:\Users\pepin\Downloads\FRST-OlderVersion" => not found
"C:\Users\pepin\AppData\LocalLow\IObit" => not found
"C:\Users\pepin\AppData\Roaming\IObit" => not found
"C:\ProgramData\IObit" => not found
"C:\Users\pepin\Downloads\driver_booster_setup_ri.exe" => not found
"C:\Users\pepin\Downloads\winDRV103.exe" => not found
HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1} => not found
HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe" => not found
"C:\ProgramData\Avast\VARS" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10563216 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 20396 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 25484816 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1866 B
pepin => 58481 B
RecycleBin => 0 B
EmptyTemp: => 44.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 02:22:06 ====
Ran by pepin (12-11-2020 02:17:05) Run:2
Running from C:\Users\pepin\OneDrive\Plocha
Loaded Profiles: pepin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\ProgramData\Avast\VARS
File: C:\ProgramData\Avast\VARS\ServiceManager.exe
File: C:\ProgramData\Avast\VARS\WindowsRuntime.exe
File: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe
File: C:\Users\pepin\Downloads\driver_booster_setup_ri.exe
File: C:\Users\pepin\Downloads\winDRV103.exe
File: C:\games\counter-strike global offensive\csgo.exe
File: C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe [2020-11-08] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2020-11-11 17:22 - 2020-11-11 17:22 - 000000000 ____D C:\Users\pepin\Downloads\FRST-OlderVersion
2020-10-31 16:34 - 2020-10-31 16:34 - 000000000 ____D C:\Users\pepin\AppData\LocalLow\IObit
2020-10-31 16:33 - 2020-11-03 19:41 - 000000000 ____D C:\Users\pepin\AppData\Roaming\IObit
2020-10-31 16:33 - 2020-10-31 16:34 - 000000000 ____D C:\ProgramData\IObit
2020-10-31 16:32 - 2020-10-31 16:33 - 024243544 _____ (IObit ) C:\Users\pepin\Downloads\driver_booster_setup_ri.exe
2020-10-22 19:51 - 2020-10-22 19:52 - 019578824 _____ (IObit ) C:\Users\pepin\Downloads\winDRV103.exe
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
C:\ProgramData\Avast\VARS
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Data aplikací byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\...l\Data aplikací:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\History byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\AppData\Local\History:String) [Get-ChildItem], Unautho
rizedAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\...che\Content.IE5:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Microsoft\Windows\Temporary Internet Files byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\... Internet Files:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Local\Temporary Internet Files byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\... Internet Files:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\...t Menu\Programy:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Data aplikací byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Data aplikací:String) [Get-ChildItem], UnauthorizedAcc
essException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Documents\Filmy byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Documents\Filmy:String) [Get-ChildItem], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Documents\Hudba byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Documents\Hudba:String) [Get-ChildItem], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Documents\Obrázky byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Documents\Obrázky:String) [Get-ChildItem], Unauthorize
dAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Dokumenty byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Dokumenty:String) [Get-ChildItem], UnauthorizedAccessE
xception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Local Settings byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Local Settings:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Nabídka Start byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Nabídka Start:String) [Get-ChildItem], UnauthorizedAcc
essException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Okolní síť byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Okolní síť:String) [Get-ChildItem], UnauthorizedAccess
Exception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Okolní tiskárny byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Okolní tiskárny:String) [Get-ChildItem], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Poslední byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Poslední:String) [Get-ChildItem], UnauthorizedAccessEx
ception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\SendTo byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\SendTo:String) [Get-ChildItem], UnauthorizedAccessExce
ption
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Soubory cookie byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Soubory cookie:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Get-ChildItem : Přístup k cestě C:\Users\pepin\Šablony byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\pepin\Šablony:String) [Get-ChildItem], UnauthorizedAccessExc
eption
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Measure-Object : The property "Length" cannot be found in the input for any objects.
At C:\FRST\tmp.ps1:1 char:66
+ ... OFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Measure-Object], PSArgumentException
+ FullyQualifiedErrorId : GenericMeasurePropertyNotFound,Microsoft.PowerShell.Commands.MeasureObjectCommand
========= End of Powershell: =========
========================= Folder: C:\ProgramData\Avast\VARS ========================
not found.
====== End of Folder: ======
========================= File: C:\ProgramData\Avast\VARS\ServiceManager.exe ========================
"C:\ProgramData\Avast\VARS\ServiceManager.exe" => not found
====== End of File: ======
========================= File: C:\ProgramData\Avast\VARS\WindowsRuntime.exe ========================
"C:\ProgramData\Avast\VARS\WindowsRuntime.exe" => not found
====== End of File: ======
========================= File: C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe ========================
"C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe" => not found
====== End of File: ======
========================= File: C:\Users\pepin\Downloads\driver_booster_setup_ri.exe ========================
"C:\Users\pepin\Downloads\driver_booster_setup_ri.exe" => not found
====== End of File: ======
========================= File: C:\Users\pepin\Downloads\winDRV103.exe ========================
"C:\Users\pepin\Downloads\winDRV103.exe" => not found
====== End of File: ======
========================= File: C:\games\counter-strike global offensive\csgo.exe ========================
C:\games\counter-strike global offensive\csgo.exe
File not signed
MD5: 5704508E71BDFE06911CF17FFD2CD3E5
Creation and modification date: 2020-11-06 16:02 - 2015-02-24 11:13
Size: 000103424
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/dda ... 1544088100
====== End of File: ======
========================= File: C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe ========================
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
File not signed
MD5: E5C796B621F6FBA8616511063D7F0FFE
Creation and modification date: 2009-12-23 22:34 - 2009-12-23 22:34
Size: 000370688
Attributes: ----A
Company Name: StarWind Software
Internal Name: StarWind
Original Name: StarWind
Product: StarWind Alcohol Edition
Description: StarWind iSCSI Target (Alcohol Edition)
File Version: 12.1 Build 20091211
Product Version: 12.1 Build 20091211
Copyright: Copyright (c) StarWind Software 2003-2009. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/447 ... 1602712134
====== End of File: ======
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => not found
"C:\Users\pepin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemX46Startup.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
"C:\Users\pepin\Downloads\FRST-OlderVersion" => not found
"C:\Users\pepin\AppData\LocalLow\IObit" => not found
"C:\Users\pepin\AppData\Roaming\IObit" => not found
"C:\ProgramData\IObit" => not found
"C:\Users\pepin\Downloads\driver_booster_setup_ri.exe" => not found
"C:\Users\pepin\Downloads\winDRV103.exe" => not found
HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1} => not found
HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe" => not found
"C:\ProgramData\Avast\VARS" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10563216 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 20396 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 25484816 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1866 B
pepin => 58481 B
RecycleBin => 0 B
EmptyTemp: => 44.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 02:22:06 ====
Re: Asi vir
Skontroluj adresar C:\FRST\Logs a pokial sa tam bude nachadzat viacero suborov, ktore maju v nazve slovo "Fixlog", poprosim o poslanie obsahu vsetkych takychto suborov.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
Tento log je jeďiný co tam mám.
Re: Asi vir
Zvlastne, ten fixlist bol zjavne spusteny dvakrat, ale prvy fixlog sa z nejakeho dovodu nevytvoril. Poprosim teda este raz o obidva nove logy z FRST.
Ako to momentalne vyzera s PC? Su este nejake problemy?
Ako to momentalne vyzera s PC? Su este nejake problemy?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 41
- Registrován: 11 led 2010 23:10
Re: Asi vir
Jo byl spuštěn 2x, protože ten první log záhadně zmizel. Pc se chová OK, dokonce po restartu mě neotravuje s tím, že mi tam chybí ta java. Děkuji